Vulmon
fedoraproject fedora 22 vulnerabilities and exploits
3.7
CVSSv3
CVE-2016-1899
CRLF injection vulnerability in the ui-blob handler in CGit prior to 0.12 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated...
Fedoraproject Fedora 22
Cgit Project Cgit
3.7
CVSSv3
CVE-2016-1900
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit prior to 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) at...
Fedoraproject Fedora 22
Cgit Project Cgit
9.8
CVSSv3
CVE-2016-1901
Integer overflow in the authenticate_post function in CGit prior to 0.12 allows remote malicious users to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
Fedoraproject Fedora 22
Cgit Project Cgit
5.5
CVSSv3
CVE-2015-7555
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows malicious users to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
Giflib Project Giflib
Fedoraproject Fedora 22
NA
CVE-2015-0856
daemon/Greeter.cpp in sddm prior to 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
Fedoraproject Fedora 22
Sddm Project Sddm
6.1
CVSSv3
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Horde Groupware 5.2.11
Debian Debian Linux 8.0
NA
CVE-2015-2782
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
Arj Software Arj Archiver 3.10.22
7.5
CVSSv3
CVE-2016-4414
The onReadyRead function in core/coreauthhandler.cpp in Quassel prior to 0.12.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Quassel-irc Quassel
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
5.3
CVSSv3
CVE-2015-5146
ntpd in ntp prior to 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a craft...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Ntp Ntp
NA
CVE-2015-2059
The stringprep_utf8_to_ucs4 function in libidn prior to 1.31, as used in jabberd2, allows context-dependent malicious users to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
Gnu Libidn
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Fedoraproject Fedora 21
Fedoraproject Fedora 22