Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 28 vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2018-14348
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
Libcgroup Project Libcgroup
Debian Debian Linux 8.0
Fedoraproject Fedora 28
446
VMScore
CVE-2019-10906
In Pallets Jinja prior to 2.10.1, str.format_map allows a sandbox escape.
Palletsprojects Jinja
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Software Collections 1.0
Opensuse Leap 42.3
Opensuse Leap 15.0
2 Github repositories
446
VMScore
CVE-2019-6975
Django 1.11.x prior to 1.11.19, 2.0.x prior to 2.0.11, and 2.1.x prior to 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
Fedoraproject Fedora 29
3 Github repositories
446
VMScore
CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.
Apache Http Server 2.4.20
Apache Http Server 2.4.23
Apache Http Server 2.4.25
Apache Http Server 2.4.26
Apache Http Server 2.4.18
Apache Http Server 2.4.17
Apache Http Server 2.4.27
Apache Http Server 2.4.29
Apache Http Server 2.4.28
Apache Http Server 2.4.33
Apache Http Server 2.4.37
Apache Http Server 2.4.30
Apache Http Server 2.4.34
Apache Http Server 2.4.35
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 9.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Hospitality Guest Access 4.2.0
2 Github repositories
446
VMScore
CVE-2018-14598
An issue exists in XListExtensions in ListExt.c in libX11 up to and including 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
X.org Libx11
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
445
VMScore
CVE-2019-10222
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clie...
Ceph Ceph -
Redhat Ceph Storage 3.0
Redhat Ceph Storage 3.3
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
445
VMScore
CVE-2019-0220
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects...
Apache Http Server
Opensuse Leap 42.3
Opensuse Leap 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 Github repository
445
VMScore
CVE-2019-8936
NTP up to and including 4.2.8p12 has a NULL Pointer Dereference.
Netapp Data Ontap -
Netapp Clustered Data Ontap
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 42.3
Opensuse Leap 15.0
Hpe Hpux-ntp
Ntp Ntp 4.2.8
Ntp Ntp
1 Github repository
445
VMScore
CVE-2019-9496
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd proc...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
445
VMScore
CVE-2019-3836
It exists in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
Gnu Gnutls
Fedoraproject Fedora 28
Opensuse Leap 15.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »