Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora core vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-16786
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separ...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
7.5
CVSSv3
CVE-2022-23267
.NET and Visual Studio Denial of Service Vulnerability
Microsoft .net 5.0
Microsoft .net Core 3.1
Microsoft Visual Studio 2022 17.0
Microsoft .net 6.0.0
Microsoft Visual Studio 2022 17.1
Microsoft Visual Studio 2019
Microsoft Powershell
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
9.8
CVSSv3
CVE-2019-10746
mixin-deep is vulnerable to Prototype Pollution in versions prior to 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Mixin-deep Project Mixin-deep
Mixin-deep Project Mixin-deep 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.4.0
1 Github repository
6.5
CVSSv3
CVE-2020-8927
A buffer overflow exists in the Brotli library versions before 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended...
Google Brotli
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.2
Microsoft Visual Studio 2019
Microsoft .net
Microsoft .net Core
Microsoft Powershell
Microsoft Visual Studio 2022 17.1
Microsoft Visual Studio 2022
6.1
CVSSv3
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Horde Groupware 5.2.11
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2022-38013
.NET Core and Visual Studio Denial of Service Vulnerability
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 16.9
Microsoft Visual Studio 2019 16.11
Microsoft Visual Studio 2022 17.0
Microsoft .net 6.0.0
Microsoft Visual Studio 2022 17.2
Microsoft Visual Studio 2022 17.3
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.1
CVSSv3
CVE-2020-36242
In the cryptography package prior to 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
Cryptography Project Cryptography
Fedoraproject Fedora 33
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
2 Github repositories
5.5
CVSSv3
CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio 2022
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 8.10
Microsoft .net 6.0.0
Microsoft Visual Studio 2019
Microsoft Visual Studio 2022
Microsoft Nuget
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.1
CVSSv3
CVE-2020-24553
Go prior to 1.14.8 and 1.15.x prior to 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
Golang Go
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Communications Cloud Native Core Policy 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »