Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 7.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-5335
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
Wireshark Wireshark
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
4.9
CVSSv2
CVE-2018-10981
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen
7.2
CVSSv2
CVE-2018-10982
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-...
Xen Xen
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-6927
Drupal 8.4.x versions prior to 8.4.5 and Drupal 7.x versions prior to 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This fu...
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
3.5
CVSSv2
CVE-2017-6928
Drupal core 7.x versions prior to 7.57 when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access...
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4....
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2017-6932
Drupal core 7.x versions prior to 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an malicious user to trick users into unwillingly...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-9646
ikiwiki prior to 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery.
Ikiwiki Ikiwiki
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-17476
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.28, 5.0.x prior to 5.0.26, and 6.0.x prior to 6.0.3, when cookie support is disabled, might allow remote malicious users to hijack web sessions and consequently gain privileges via a crafted email.
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-1000069
FreePlane version 1.5.9 and previous versions contains a XML External Entity (XXE) vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This ...
Freeplane Freeplane
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »