Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora - vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2012-2089
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 up to and including 1.0.14 and 1.1.3 up to and including 1.1.18, when the mp4 directive is used, allows remote malicious users to cause a denial of service (memory overwrite) or possibly exe...
F5 Nginx
Fedoraproject Fedora 15
Fedoraproject Fedora 16
Fedoraproject Fedora 17
169
VMScore
CVE-2015-2152
Xen 4.5.x and previous versions enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, wh...
Xen Xen
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Fedoraproject Fedora 20
670
VMScore
CVE-2017-18342
In PyYAML prior to 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.
Pyyaml Pyyaml
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8 Github repositories
445
VMScore
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted i...
Python Urllib3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
NA
CVE-2022-3204
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack star...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
668
VMScore
CVE-2022-32081
MariaDB v10.4 to v10.7 exists to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
Mariadb Mariadb
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
605
VMScore
CVE-2021-21194
Use after free in screen sharing in Google Chrome before 89.0.4389.114 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
721
VMScore
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Metasploit module
2 Github repositories
1 Article
668
VMScore
CVE-2015-4342
SQL injection vulnerability in Cacti prior to 0.8.8d allows remote malicious users to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
Cacti Cacti
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Fedoraproject Fedora 22
445
VMScore
CVE-2015-8008
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows malicious users to bypass intended IP address access restrictions by making an API request with an existing token.
Mediawiki Mediawiki
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Fedoraproject Fedora 22
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »