Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 1.2 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2020-0556
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
Bluez Bluez
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
5.5
CVSSv3
CVE-2021-45343
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an malicious user to crash the application using a crafted DXF document.
Librecad Librecad 2.2.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.6
CVSSv3
CVE-2020-27153
In BlueZ prior to 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
Bluez Bluez
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
9.8
CVSSv3
CVE-2022-28347
A SQL injection issue exists in QuerySet.explain() in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.
Djangoproject Django
Debian Debian Linux 11.0
2 Github repositories
7.5
CVSSv3
CVE-2021-20228
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an malicious user to obtain sensitive information. The highest threat...
Redhat Ansible Engine 2.9.18
Redhat Ansible Engine 2.0
Redhat Ansible Tower 3.0
Redhat Ansible Engine 2.9
Redhat Ansible Automation Platform 1.2
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2021-45341
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an malicious user to achieve Remote Code Execution using a crafted JWW document.
Librecad Librecad 2.2.0
Librecad Librecad
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2021-45342
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an malicious user to achieve Remote Code Execution using a crafted JWW document.
Librecad Librecad 2.2.0
Librecad Librecad
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2017-16651
Roundcube Webmail prior to 1.1.10, 1.2.x prior to 1.2.7, and 1.3.x prior to 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at th...
Roundcube Webmail 1.3.0
Roundcube Webmail 1.2.5
Roundcube Webmail
Roundcube Webmail 1.3.2
Roundcube Webmail 1.2.3
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.0
Roundcube Webmail 1.3.1
Roundcube Webmail 1.2.6
Roundcube Webmail 1.2.4
Debian Debian Linux 9.0
Debian Debian Linux 7.0
2 Github repositories
8.2
CVSSv3
CVE-2019-8308
Flatpak prior to 1.0.7, and 1.1.x and 1.2.x prior to 1.2.3, exposes /proc in the apply_extra script sandbox, which allows malicious users to modify a host-side executable file.
Flatpak Flatpak
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.6
6.1
CVSSv3
CVE-2016-1236
Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent malicious users to inject arbitrary web script or HTML via the name of a (a) file or (b) directory in a repository.
Websvn Websvn
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »