fedoraproject fedora 37 vulnerabilities and exploits
383
VMScore
CVE-2022-34911
An issue exists in MediaWiki prior to 1.35.7, 1.36.x and 1.37.x prior to 1.37.3, and 1.38.x prior to 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the u...
Mediawiki Mediawiki 1.38.0
Mediawiki Mediawiki
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2022-34912
An issue exists in MediaWiki prior to 1.37.3 and 1.38.x prior to 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped.
Mediawiki Mediawiki 1.38.0
Mediawiki Mediawiki
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2022-27776
An insufficiently protected credentials vulnerability fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
Haxx Curl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire & Hci Storage Node -
Brocade Fabric Operating System -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
383
VMScore
CVE-2022-30975
In Artifex MuJS up to and including 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
Artifex Mujs
Debian Debian Linux 11.0
Fedoraproject Fedora 37
383
VMScore
CVE-2022-30974
compile in regexp.c in Artifex MuJS up to and including 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
Artifex Mujs
Debian Debian Linux 11.0
Fedoraproject Fedora 37
383
VMScore
CVE-2022-27939
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
Broadcom Tcpreplay 4.4.1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2022-0856
libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service.
Libcaca Project Libcaca 0.99
Fedoraproject Fedora 37
Fedoraproject Fedora 38
383
VMScore
CVE-2022-24599
In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows a malicious user to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, ...
Audio File Library Project Audio File Library 0.3.6
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
383
VMScore
CVE-2021-45958
UltraJSON (aka ujson) up to and including 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
Ultrajson Project Ultrajson
Debian Debian Linux 9.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2021-23414
This affects the package video.js prior to 7.14.3. The src attribute of the track tag allows bypassing HTML escaping and executing arbitrary code.
Videojs Video.js
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37