Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora core vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2022-1154
Use after free in utf_ptr2char in GitHub repository vim/vim before 8.2.4646.
Vim Vim
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
571
VMScore
CVE-2020-36242
In the cryptography package prior to 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
Cryptography Project Cryptography
Fedoraproject Fedora 33
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
2 Github repositories
445
VMScore
CVE-2007-3847
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Apache Http Server
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
445
VMScore
CVE-2019-16785
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.&quo...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
445
VMScore
CVE-2019-16786
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separ...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
570
VMScore
CVE-2019-16789
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests contain...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
320
VMScore
CVE-2021-4002
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized ...
Linux Linux Kernel 5.16
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 35
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
668
VMScore
CVE-2021-3773
A flaw in netfilter could allow a network-connected malicious user to infer openvpn connection endpoint information for further use in traditional network attacks.
Linux Linux Kernel
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
384
VMScore
CVE-2020-24553
Go prior to 1.14.8 and 1.15.x prior to 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
Golang Go
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Communications Cloud Native Core Policy 1.5.0
446
VMScore
CVE-2022-29117
.NET and Visual Studio Denial of Service Vulnerability
Microsoft .net 5.0
Microsoft .net Core 3.1
Microsoft Visual Studio 2022 17.0
Microsoft .net 6.0.0
Microsoft Visual Studio 2022 17.1
Microsoft Visual Studio 2019
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »