Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

file::path project vulnerabilities and exploits

(subscribe to this query)
6
CVSSv2
CVE-2012-1988
Puppet 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x prior to 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by crea...
Puppet PuppetPuppet Puppet Enterprise 1.0Puppet Puppet Enterprise 1.1Puppet Puppet EnterpriseFedoraproject Fedora 17Fedoraproject Fedora 16Fedoraproject Fedora 15Debian Debian Linux 7.0Debian Debian Linux 6.0Canonical Ubuntu Linux 11.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 10.04
2.1
CVSSv2
CVE-2012-1986
Puppet 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x prior to 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlin...
Puppet Puppet 2.6.13Puppet Puppet 2.6.6Puppet Puppet 2.6.5Puppet Puppet 2.6.12Puppet Puppet 2.6.11Puppet Puppet 2.6.4Puppet Puppet 2.6.3Puppet Puppet 2.6.8Puppet Puppet 2.6.7Puppet Puppet 2.6.0Puppet Puppet 2.6.14Puppet Puppet 2.6.10Puppet Puppet 2.6.9Puppet Puppet 2.6.2Puppet Puppet 2.6.1Puppet Puppet 2.7.10Puppetlabs Puppet 2.7.0Puppet Puppet 2.7.4Puppet Puppet 2.7.9Puppet Puppet 2.7.8Puppet Puppet 2.7.3Puppet Puppet 2.7.11
3.5
CVSSv2
CVE-2012-1987
Unspecified vulnerability in Puppet 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x prior to 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a...
Puppet Puppet 2.6.6Puppet Puppet 2.6.5Puppet Puppet 2.6.13Puppet Puppet 2.6.12Puppet Puppet 2.6.4Puppet Puppet 2.6.3Puppet Puppet 2.6.9Puppet Puppet 2.6.8Puppet Puppet 2.6.7Puppet Puppet 2.6.0Puppet Puppet 2.6.14Puppet Puppet 2.6.11Puppet Puppet 2.6.10Puppet Puppet 2.6.2Puppet Puppet 2.6.1Puppet Puppet 2.7.10Puppetlabs Puppet 2.7.1Puppetlabs Puppet 2.7.0Puppet Puppet 2.7.9Puppet Puppet 2.7.8Puppet Puppet 2.7.4Puppet Puppet 2.7.3
7.5
CVSSv2
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4Php Php 5.3.5Php Php 5.3.3Php Php 5.3.6
7.5
CVSSv2
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0Php Php 4.0.3Php Php 4.0.4Php Php 4.0Php Php 4.1.0Php Php 4.2.2Php Php 4.2.3Php Php 4.3.2Php Php 4.3.3Php Php 4.4.1Php Php 4.4.2Php Php 4.4.9Php Php 3.0.11Php Php 3.0.18Php Php 3.0.4Php Php 3.0.8Php Php 3.0.5Php Php 5.3.5Php PhpPhp Php 4.0.1Php Php 4.0.2Php Php 4.2.1
5
CVSSv2
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3Php Php 4.3.6Php Php 4.4.6Php Php 4.4.7Php Php 4.3.9Php Php 5.2.8Php Php 4.4.0Php Php 5.0.4Php Php 5.2.9Php Php 5.0.0Php Php 5.1.6Php Php 5.2.0Php Php 2.0b10Php Php 2.0Php Php 3.0.11Php Php 3.0.10Php Php 3.0.3Php Php 3.0.15Php Php 3.0.7Php Php 3.0.8Php Php 4.0Php Php 4.0.6
5
CVSSv2
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Solar Designer Crypt BlowfishPhp Php 4.3.9Php Php 4.4.9Php Php 3.0Solar Designer Crypt Blowfish 0.4.4Solar Designer Crypt Blowfish 0.4Php Php 5.2.9Php Php 4.0Php Php 3.0.5Php Php 3.0.11Php Php 5.1.5Php Php 5.1.2Php Php 5.3.1Php Php 4.2.0Php Php 5.1.1Php Php 3.0.1Php Php 5.2.14Php Php 3.0.2Php Php 4.4.4Php Php 5.0.0Php Php 4.1.0Php Php 5.1.6
4.3
CVSSv2
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -Microsoft Internet Explorer -Microsoft Windows -Google Chrome -Mozilla Firefox -Siemens Simatic Rf68xr FirmwareSiemens Simatic Rf615r FirmwareHaxx CurlRedhat Enterprise Linux Server 5.0Redhat Enterprise Linux Server Aus 6.2Redhat Enterprise Linux Workstation 5.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Desktop 5.0Redhat Enterprise Linux Eus 6.2Debian Debian Linux 5.0Debian Debian Linux 6.0Canonical Ubuntu Linux 10.10Canonical Ubuntu Linux 11.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 10.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook