Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 12 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2010-1772
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome prior to 5.0.375.70, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failu...
Google Chrome
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Fedoraproject Fedora 13
Fedoraproject Fedora 12
6.8
CVSSv2
CVE-2010-1321
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) up to and including 1.7.1 and 1.8 prior to 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authen...
Mit Kerberos 5
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Oracle Database Server -
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Fedoraproject Fedora 11
Fedoraproject Fedora 12
Fedoraproject Fedora 13
6.8
CVSSv2
CVE-2009-2816
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari prior to 4.0.4 and Google Chrome prior to 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for...
Apple Safari
Google Chrome
Apple Iphone Os
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Fedoraproject Fedora 11
Fedoraproject Fedora 12
6.4
CVSSv2
CVE-2020-8287
Node.js versions prior to 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smug...
Nodejs Node.js
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Siemens Sinec Infrastructure Network Services
1 Github repository
6.4
CVSSv2
CVE-2020-7069
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
Php Php
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
Netapp Clustered Data Ontap -
Oracle Communications Diameter Signaling Router
Tenable Tenable.sc
6.4
CVSSv2
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) prior to 2.23 allows context-dependent malicious users to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 12
Suse Suse Linux Enterprise Server 12
Opensuse Opensuse 13.2
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Debian Debian Linux 8.0
Fedoraproject Fedora 23
Gnu Glibc
6.3
CVSSv2
CVE-2021-35567
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows lo...
Oracle Openjdk 17
Oracle Openjdk 11.0.12
Oracle Openjdk 8
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Os Controller
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.2
CVSSv2
CVE-2010-0746
Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems, allows local users to gain privileges via .. (dot dot) sequences in the label for a pluggable storage device.
Fedoraproject Fedora 11
Fedoraproject Fedora 12
5.8
CVSSv2
CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing...
Squashfs-tools Project Squashfs-tools 4.5
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
5.8
CVSSv2
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »