Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 23 vulnerabilities and exploits
(subscribe to this query)
169
VMScore
CVE-2016-4980
A password generation weakness exists in xquest through 2016-06-13.
Ethz Xquest
Fedoraproject Fedora 23
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
668
VMScore
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Openshift Container Platform 4.1
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 3.11
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
1 Github repository
383
VMScore
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and previous versions doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonst...
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
445
VMScore
CVE-2019-13118
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
Xmlsoft Libxslt 1.1.33
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Management Plug-ins -
Netapp Plug-in For Symantec Netbackup -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Oracle Jdk 1.8.0
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
668
VMScore
CVE-2019-12450
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 up to and including 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
Gnome Glib
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.0
Fedoraproject Fedora 30
571
VMScore
CVE-2019-9948
urllib in Python 2.x up to and including 2.7.16 supports the local_file: scheme, which makes it easier for remote malicious users to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
Python Python
Opensuse Leap 42.3
Opensuse Leap 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 8.0
Redhat Enterprise Linux Workstation 8.0
Redhat Enterprise Linux Server 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Tus 8.2
Redhat Enterprise Linux Tus 8.4
685
VMScore
CVE-2019-6116
In Artifex Ghostscript up to and including 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
Artifex Ghostscript
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 15.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
1 EDB exploit
445
VMScore
CVE-2015-8008
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows malicious users to bypass intended IP address access restrictions by making an API request with an existing token.
Mediawiki Mediawiki
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Fedoraproject Fedora 22
668
VMScore
CVE-2015-7687
Use-after-free vulnerability in OpenSMTPD prior to 5.7.2 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
Openbsd Opensmtpd
Fedoraproject Fedora 22
Fedoraproject Fedora 23
312
VMScore
CVE-2015-5146
ntpd in ntp prior to 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a craft...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Ntp Ntp
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »