Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 14 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-14040
The x/text package prior to 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM...
Golang Text
Fedoraproject Fedora 32
3 Github repositories
7.5
CVSSv3
CVE-2011-2726
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent no...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 14
Fedoraproject Fedora 15
Fedoraproject Fedora 16
7.5
CVSSv3
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
7.5
CVSSv3
CVE-2019-9515
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame ...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 4.1
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
7.5
CVSSv3
CVE-2011-1770
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel prior to 2.6.33.14 allows remote malicious users to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which trigg...
Linux Linux Kernel
Fedoraproject Fedora 15
Fedoraproject Fedora 14
7.5
CVSSv3
CVE-2011-1755
jabberd2 prior to 2.2.14 does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to ...
Jabberd2 Jabberd2
Fedoraproject Fedora 13
Fedoraproject Fedora 15
Fedoraproject Fedora 14
Apple Mac Os X Server
Apple Mac Os X
7.5
CVSSv3
CVE-2010-4168
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x prior to 1.0.5 allow (1) remote malicious users to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; ...
Openttd Openttd
Fedoraproject Fedora 13
Fedoraproject Fedora 14
7.4
CVSSv3
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
6.5
CVSSv3
CVE-2023-41983
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Safari
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »