Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 12 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-27918
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may le...
Apple Tvos
Apple Itunes
Apple Iphone Os
Apple Watchos
Apple Icloud
Apple Ipados
Apple Safari
Apple Macos
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Webkitgtk Webkitgtk\\+
5
CVSSv2
CVE-2020-8277
A Node.js application that allows an malicious user to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. ...
Nodejs Node.js
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Jd Edwards Enterpriseone Tools
Oracle Mysql Cluster
Oracle Blockchain Platform
C-ares Project C-ares
2 Github repositories
6.8
CVSSv2
CVE-2020-15969
Use after free in WebRTC in Google Chrome before 86.0.4240.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Backports Sle 15.0
Apple Ipados
Apple Safari
Apple Watchos
Apple Macos
Apple Tvos
Apple Iphone Os
5
CVSSv2
CVE-2020-7070
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading t...
Php Php
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
Netapp Clustered Data Ontap -
Tenable Tenable.sc
6.4
CVSSv2
CVE-2020-7069
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
Php Php
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
Netapp Clustered Data Ontap -
Oracle Communications Diameter Signaling Router
Tenable Tenable.sc
5.8
CVSSv2
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
4.6
CVSSv2
CVE-2020-8252
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1.9
CVSSv2
CVE-2020-15095
Versions of the npm CLI before 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is no...
Npmjs Npm
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 33
7.5
CVSSv2
CVE-2017-18922
It exists that websockets.c in LibVNCServer before 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
Libvncserver Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
5
CVSSv2
CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T...
Nghttp2 Nghttp2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Oracle Enterprise Communications Broker 3.1.0
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
Oracle Mysql
Oracle Enterprise Communications Broker 3.2.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Blockchain Platform
Nodejs Node.js
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »