Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 7.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-17093
wp-includes/general-template.php in WordPress prior to 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow malicious users to conduct XSS attacks via the language setting of a site.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
7.5
CVSSv3
CVE-2017-15923
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x prior to 1.7.3 allow remote malicious users to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
Konversation Konversation
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-10981
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen
5.3
CVSSv3
CVE-2011-2902
zxpdf in xpdf prior to 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote malicious users to delete arbitrary files via a crafted .pdf.gz file name.
Glyphandcog Xpdf
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
8.8
CVSSv3
CVE-2018-10982
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-...
Xen Xen
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-7651
In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. This can be done without authentications if occur in connection phase of MQTT protocol.
Eclipse Mosquitto
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv3
CVE-2017-7652
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets availa...
Eclipse Mosquitto
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-6927
Drupal 8.4.x versions prior to 8.4.5 and Drupal 7.x versions prior to 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This fu...
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5.3
CVSSv3
CVE-2017-6928
Drupal core 7.x versions prior to 7.57 when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access...
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4....
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »