Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2021-43302
Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2021-43303
Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument su...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.4
CVSSv2
CVE-2021-43845
PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users t...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2.1
CVSSv2
CVE-2013-0326
OpenStack nova base images permissions are world readable
Openstack Nova -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2023-6873
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
Mozilla Firefox
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5
CVSSv2
CVE-2017-15923
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x prior to 1.7.3 allow remote malicious users to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
Konversation Konversation
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
NA
CVE-2023-46316
In buc Traceroute 2.0.12 up to and including 2.1.2 prior to 2.1.3, the wrapper scripts do not properly parse command lines.
Buc Traceroute
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.5
CVSSv2
CVE-2018-7600
Drupal prior to 7.58, 8.x prior to 8.3.9, 8.4.x prior to 8.4.6, and 8.5.x prior to 8.5.1 allows remote malicious users to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
3 EDB exploits
62 Github repositories
2 Articles
7.5
CVSSv2
CVE-2018-7602
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows malicious users to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal co...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 EDB exploits
8 Github repositories
7.5
CVSSv2
CVE-2019-20041
wp_kses_bad_protocol in wp-includes/kses.php in WordPress prior to 5.3.1 mishandles the HTML5 colon named entity, allowing malicious users to bypass input sanitization, as demonstrated by the javascript: substring.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »