Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2020-12426
Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Fir...
Mozilla Firefox
Opensuse Leap 15.1
Opensuse Leap 15.2
9.3
CVSSv2
CVE-2020-12417
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, ...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
9.3
CVSSv2
CVE-2020-12419
When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
9.3
CVSSv2
CVE-2020-12420
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
9.3
CVSSv2
CVE-2020-3868
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web conten...
Apple Icloud
Apple Itunes
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Tvos
Opensuse Leap 15.1
9.3
CVSSv2
CVE-2020-7040
storeBackup.pl in storeBackup up to and including 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an ...
Storebackup Storebackup
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
9.3
CVSSv2
CVE-2019-19604
Arbitrary command execution is possible in Git prior to 2.20.2, 2.21.x prior to 2.21.1, 2.22.x prior to 2.22.2, 2.23.x prior to 2.23.1, and 2.24.x prior to 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious re...
Git-scm Git
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
9.3
CVSSv2
CVE-2019-14889
A flaw was found with the libssh API function ssh_scp_new() in versions prior to 0.9.3 and prior to 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way w...
Libssh Libssh
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Oracle Mysql Workbench
1 Github repository
9.3
CVSSv2
CVE-2019-18425
An issue exists in Xen up to and including 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table ...
Xen Xen
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
9.3
CVSSv2
CVE-2019-2126
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Version...
Google Android 7.1.2
Google Android 7.0
Google Android 8.0
Google Android 7.1.1
Google Android 8.1
Google Android 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 19.04
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »