Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.4.37 vulnerabilities and exploits
(subscribe to this query)
449
VMScore
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in ...
Openssl Openssl
694
VMScore
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
Oracle Graalvm 19.2.0
1 Github repository
1 Article
173
VMScore
CVE-2019-1547
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a g...
Openssl Openssl
605
VMScore
CVE-2021-3518
There's a flaw in libxml2 in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...
Xmlsoft Libxml2
Debian Debian Linux 9.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
Oracle Real User Experience Insight 13.5.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
383
VMScore
CVE-2019-1563
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message th...
Openssl Openssl
1 Github repository
445
VMScore
CVE-2019-19956
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 prior to 2.9.10 has a memory leak related to newDoc->oldNs.
Xmlsoft Libxml2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Real User Experience Insight 13.3.1.0
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 12.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Siemens Sinema Remote Connect Server
449
VMScore
CVE-2019-1551
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult ...
Openssl Openssl
Opensuse Leap 15.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql Enterprise Monitor
Oracle Enterprise Manager Ops Center 12.4.0.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Tenable Log Correlation Engine
445
VMScore
CVE-2020-7595
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
Xmlsoft Libxml2 2.9.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Siemens Sinema Remote Connect Server
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Snapdrive -
Netapp Symantec Netbackup -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
445
VMScore
CVE-2019-20388
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
Xmlsoft Libxml2 2.9.10
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Snapdrive -
Netapp Plug-in For Symantec Netbackup -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Real User Experience Insight 13.3.1.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
445
VMScore
CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T...
Nghttp2 Nghttp2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Oracle Enterprise Communications Broker 3.1.0
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
Oracle Mysql
Oracle Enterprise Communications Broker 3.2.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Blockchain Platform
Nodejs Node.js
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »