Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 23 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-3125
The mod_tls module in ProFTPD prior to 1.3.5b and 1.3.6 prior to 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow malicious users to have unspecified impact via unkno...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
Opensuse Opensuse 13.1
Fedoraproject Fedora 22
Fedoraproject Fedora 23
4.6
CVSSv2
CVE-2016-2312
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
Kde Kscreenlocker
Kde Plasma-workspace
Fedoraproject Fedora 22
Opensuse Leap 42.1
Fedoraproject Fedora 23
3.5
CVSSv2
CVE-2015-5146
ntpd in ntp prior to 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a craft...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Ntp Ntp
4.3
CVSSv2
CVE-2016-2228
Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary web script or HTML via the searchfield parameter, as demon...
Debian Debian Linux 8.0
Horde Groupware
Horde Horde Groupware
Fedoraproject Fedora 22
Fedoraproject Fedora 23
1.7
CVSSv2
CVE-2016-3158
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception a...
Xen Xen
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Oracle Vm Server 3.4
Oracle Vm Server 3.3
5.8
CVSSv2
CVE-2015-1038
p7zip 9.20.1 allows remote malicious users to write to arbitrary files via a symlink attack in an archive.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Oracle Solaris 10.0
Oracle Solaris 11.2
7-zip P7zip 9.20.1
6.8
CVSSv2
CVE-2016-8693
Double free vulnerability in the mem_close function in jas_stream.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Jasper Project Jasper
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
10
CVSSv2
CVE-2015-7203
Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox prior to 43.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.
Mozilla Firefox
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
5
CVSSv2
CVE-2015-7215
The importScripts function in the Web Workers API implementation in Mozilla Firefox prior to 43.0 allows remote malicious users to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
6.8
CVSSv2
CVE-2015-7216
The gdk-pixbuf configuration in Mozilla Firefox prior to 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Mozilla Firefox
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »