Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
total security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-21616
An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based malicious user to cause Denial of Service (DoS). On all Junos OS MX Series and SRX Series platforms, whe...
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
Juniper Junos 22.4
Juniper Junos 23.2
7.5
CVSSv3
CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the malici...
Golang Http2
Golang Go
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netapp Astra Trident -
Netapp Astra Trident Autosupport -
2 Github repositories
7.5
CVSSv3
CVE-2023-20227
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packe...
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.8.3
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.9.3
Cisco Ios Xe 16.9.4
Cisco Ios Xe 16.9.5
Cisco Ios Xe 16.9.5f
Cisco Ios Xe 16.9.6
Cisco Ios Xe 16.9.7
Cisco Ios Xe 16.9.8
Cisco Ios Xe 16.10.1
NA
CVE-2023-2022710
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An...
8.1
CVSSv3
CVE-2023-33242
Crypto wallets implementing the Lindell17 TSS protocol might allow an malicious user to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding...
Lindell17 Project Lindell17 -
2 Github repositories
6.5
CVSSv3
CVE-2023-29406
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.
Golang Go
1 Github repository
7.5
CVSSv3
CVE-2023-2828
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the con...
Isc Bind
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Active Iq Unified Manager -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
7.8
CVSSv3
CVE-2023-35788
An issue exists in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel prior to 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
Linux Linux Kernel
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2023-29402
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules wh...
Golang Go
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-29405
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAG...
Golang Go
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »