Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 35 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-0559
Use After Free in GitHub repository radareorg/radare2 before 5.6.2.
Radare Radare2
Fedoraproject Fedora 35
Fedoraproject Fedora 36
668
VMScore
CVE-2022-0582
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Wireshark Wireshark 3.6.1
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
668
VMScore
CVE-2021-41816
CGI.escape_html in Ruby prior to 2.7.5 and 3.x prior to 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem prior to 0.3.1 for Ruby.
Ruby-lang Cgi
Fedoraproject Fedora 34
Fedoraproject Fedora 35
668
VMScore
CVE-2022-23614
Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to co...
Symfony Twig
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
2 Github repositories
668
VMScore
CVE-2022-23132
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Zabbix Zabbix 6.0.0
Zabbix Zabbix
Fedoraproject Fedora 34
Fedoraproject Fedora 35
668
VMScore
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Netapp Cloud Backup -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
3 Github repositories
668
VMScore
CVE-2021-44847
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 up to and including 0.1.11 and 0.2.0 up to and including 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote malicious users to crash the...
Toktok Toxcore
Fedoraproject Fedora 34
Fedoraproject Fedora 35
668
VMScore
CVE-2021-44420
In Django 2.2 prior to 2.2.25, 3.1 prior to 3.1.14, and 3.2 prior to 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
Djangoproject Django
Redhat Satellite 6.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 35
668
VMScore
CVE-2021-44143
A flaw was found in mbsync in isync 1.4.0 up to and including 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could concei...
Isync Project Isync
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
668
VMScore
CVE-2021-43616
The npm ci command in npm 7.x and 8.x up to and including 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for malicious users to install ma...
Npmjs Npm
Netapp Next Generation Application Programming Interface -
Fedoraproject Fedora 35
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »