Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 22 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2015-0856
daemon/Greeter.cpp in sddm prior to 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
Fedoraproject Fedora 22
Sddm Project Sddm
7.5
CVSSv2
CVE-2016-1901
Integer overflow in the authenticate_post function in CGit prior to 0.12 allows remote malicious users to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
Fedoraproject Fedora 22
Cgit Project Cgit
4.3
CVSSv2
CVE-2016-1899
CRLF injection vulnerability in the ui-blob handler in CGit prior to 0.12 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated...
Fedoraproject Fedora 22
Cgit Project Cgit
4.3
CVSSv2
CVE-2016-1900
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit prior to 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) at...
Fedoraproject Fedora 22
Cgit Project Cgit
4.3
CVSSv2
CVE-2015-7555
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows malicious users to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
Giflib Project Giflib
Fedoraproject Fedora 22
4.3
CVSSv2
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Horde Groupware 5.2.11
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-2782
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
Arj Software Arj Archiver 3.10.22
5
CVSSv2
CVE-2016-4414
The onReadyRead function in core/coreauthhandler.cpp in Quassel prior to 0.12.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Quassel-irc Quassel
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
3.5
CVSSv2
CVE-2015-5146
ntpd in ntp prior to 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a craft...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Ntp Ntp
5
CVSSv2
CVE-2016-3125
The mod_tls module in ProFTPD prior to 1.3.5b and 1.3.6 prior to 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow malicious users to have unspecified impact via unkno...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
Opensuse Opensuse 13.1
Fedoraproject Fedora 22
Fedoraproject Fedora 23
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »