Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora core vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2019-16789
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests contain...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
NA
CVE-2007-3847
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Apache Http Server
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
NA
CVE-2007-3103
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Fedoraproject Fedora Core 6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Redhat Linux
1 EDB exploit
9.8
CVSSv3
CVE-2019-10746
mixin-deep is vulnerable to Prototype Pollution in versions prior to 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Mixin-deep Project Mixin-deep
Mixin-deep Project Mixin-deep 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.4.0
1 Github repository
6.5
CVSSv3
CVE-2020-8927
A buffer overflow exists in the Brotli library versions before 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended...
Google Brotli
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.2
Microsoft Visual Studio 2019
Microsoft .net
Microsoft .net Core
Microsoft Powershell
Microsoft Visual Studio 2022 17.1
Microsoft Visual Studio 2022
6.1
CVSSv3
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Horde Groupware 5.2.11
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2022-38013
.NET Core and Visual Studio Denial of Service Vulnerability
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 16.9
Microsoft Visual Studio 2019 16.11
Microsoft Visual Studio 2022 17.0
Microsoft .net 6.0.0
Microsoft Visual Studio 2022 17.2
Microsoft Visual Studio 2022 17.3
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio 2022
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 8.10
Microsoft .net 6.0.0
Microsoft Visual Studio 2019
Microsoft Visual Studio 2022
Microsoft Nuget
Fedoraproject Fedora 35
Fedoraproject Fedora 36
9.1
CVSSv3
CVE-2020-36242
In the cryptography package prior to 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
Cryptography Project Cryptography
Fedoraproject Fedora 33
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
2 Github repositories
4.7
CVSSv3
CVE-2020-4788
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
Ibm Vios 3.1.0
Ibm Vios 3.1.1
Ibm Vios 3.1.2
Ibm Aix 7.1.0
Ibm Aix 7.1.5
Ibm Aix 7.2.0
Ibm Aix 7.2.3
Ibm Aix 7.2.4
Ibm Aix 7.2.5
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »