Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse opensuse 11.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-2323
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd prior to 1.4.35 allows remote malicious users to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Lighttpd Lighttpd
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise High Availability Extension 11
Suse Linux Enterprise Software Development Kit 11
1 Github repository
NA
CVE-2014-2324
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd prior to 1.4.35 allow remote malicious users to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
Lighttpd Lighttpd
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise High Availability Extension 11
Suse Linux Enterprise Software Development Kit 11
Contec Sv-cpt-mc310 Firmware
2 Github repositories
NA
CVE-2012-2328
internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) prior to 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.1
Standards Based Linux Instrumentation Project Standards-based Linux Common Information Model Client
NA
CVE-2011-4091
The libobby server in inc/server.hpp in libnet6 (aka net6) prior to 1.3.14 does not perform authentication before checking the user name, which allows remote malicious users to obtain sensitive information such as server-usage patterns by a particular user and color preferences.
Opensuse Opensuse 11.4
Opensuse Opensuse 11.3
Oracle Solaris 11.2
Armin Burgmeier Net6
Armin Burgmeier Net6 1.3.5
Armin Burgmeier Net6 1.3.9
Armin Burgmeier Net6 1.3.7
Armin Burgmeier Net6 1.3.1
Armin Burgmeier Net6 1.3.12
Armin Burgmeier Net6 1.3.6
Armin Burgmeier Net6 1.3.4
Armin Burgmeier Net6 1.3.2
Armin Burgmeier Net6 1.3.11
Armin Burgmeier Net6 1.3.10
Armin Burgmeier Net6 1.3.3
Armin Burgmeier Net6 1.3.8
NA
CVE-2011-4093
Integer overflow in inc/server.hpp in libnet6 (aka net6) prior to 1.3.14 might allow remote malicious users to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.
Oracle Solaris 11.2
Armin Burgmeier Net6
Armin Burgmeier Net6 1.3.5
Armin Burgmeier Net6 1.3.9
Armin Burgmeier Net6 1.3.7
Armin Burgmeier Net6 1.3.1
Armin Burgmeier Net6 1.3.12
Armin Burgmeier Net6 1.3.6
Armin Burgmeier Net6 1.3.4
Armin Burgmeier Net6 1.3.2
Armin Burgmeier Net6 1.3.11
Armin Burgmeier Net6 1.3.10
Armin Burgmeier Net6 1.3.3
Armin Burgmeier Net6 1.3.8
Opensuse Project Opensuse 11.4
Opensuse Opensuse 11.3
NA
CVE-2013-2191
python-bugzilla prior to 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle malicious users to spoof Bugzilla servers via a crafted certificate.
Python Bugzilla Project Python-bugzilla
Python Bugzilla Project Python-bugzilla 0.7.0
Python Bugzilla Project Python-bugzilla 0.6.2
Python Bugzilla Project Python-bugzilla 0.6.1
Python Bugzilla Project Python-bugzilla 0.6.0
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Opensuse Opensuse 11.4
NA
CVE-2012-1095
osc prior to 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Osc
NA
CVE-2014-1478
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to th...
Mozilla Seamonkey
Mozilla Firefox
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
Oracle Solaris 11.3
NA
CVE-2014-1480
The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, vi...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2014-1483
Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allow remote malicious users to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and do...
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Mozilla Seamonkey
Mozilla Firefox
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »