Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storage project storage vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-1712
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate thei...
Systemd Project Systemd
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Discovery -
Redhat Migration Toolkit 1.0
Redhat Ceph Storage 4.0
Debian Debian Linux 9.0
1 Github repository
1 Article
7.8
CVSSv3
CVE-2018-17043
An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in Storage.cpp, called from parse_doc in parse_doc.cpp.
Doc2txt Project Doc2txt
7.8
CVSSv3
CVE-2010-2524
The DNS resolution functionality in the CIFS implementation in the Linux kernel prior to 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results ...
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
7.8
CVSSv3
CVE-2008-2812
The Linux kernel prior to 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Novell Linux Desktop 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Debian Debian Linux 4.0
Avaya Message Networking 3.1
Avaya Sip Enablement Services 4.0
Avaya Messaging Storage Server 4.0
Avaya Proactive Contact 4.0
Avaya Meeting Exchange 5.0
Avaya Expanded Meet-me Conferencing
Avaya Intuity Audix Lx 2.0
Avaya Sip Enablement Services -
Avaya Communication Manager
7.6
CVSSv3
CVE-2020-13359
The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. Affected versions are >=12.10, <13.3.9,>=13.4, &l...
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
7.5
CVSSv3
CVE-2023-22687
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup plugin <= 1.9.4.0 versions.
Freesoul Deactivate Plugins - Plugin Manager And Cleanup Project Freesoul Deactivate Plugins - Plugin Manager And Cleanup
7.5
CVSSv3
CVE-2023-0457
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated malicious user to disclose plaintext credentials stored in project files and login into FTP...
Mitsubishielectric Fx5uc-32mr/ds-ts Firmware
Mitsubishielectric Fx5uc-32mt/d Firmware
Mitsubishielectric Fx5uc-32mt/dss Firmware
Mitsubishielectric Fx5uc-32mt/dss-ts Firmware
Mitsubishielectric Fx5uc-32mt/ds-ts Firmware
Mitsubishielectric Fx5uc-64mt/d Firmware
Mitsubishielectric Fx5uc-64mt/dss Firmware
Mitsubishielectric Fx5uc-96mt/d Firmware
Mitsubishielectric Fx5uc-96mt/dss Firmware
Mitsubishielectric Fx5uj-24mr/es Firmware
Mitsubishielectric Fx5uj-24mr/es-a Firmware
Mitsubishielectric Fx5uj-24mt/es Firmware
Mitsubishielectric Fx5uj-24mt/es-a Firmware
Mitsubishielectric Fx5uj-24mt/ess Firmware
Mitsubishielectric Fx5uj-40mr/es Firmware
Mitsubishielectric Fx5uj-40mr/es-a Firmware
Mitsubishielectric Fx5uj-40mt/es Firmware
Mitsubishielectric Fx5uj-40mt/es-a Firmware
Mitsubishielectric Fx5uj-40mt/ess Firmware
Mitsubishielectric Fx5uj-60mr/es Firmware
Mitsubishielectric Fx5uj-60mr/es-a Firmware
Mitsubishielectric Fx5uj-60mt/es Firmware
7.5
CVSSv3
CVE-2022-30122
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
Rack Project Rack
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-29826
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated malicious user to disclose sensitive info...
Mitsubishielectric Gx Works3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »