Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2016-1645
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome prior to 49.0.2623.87, allow remote malicious users to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspeci...
Google Chrome
Debian Debian Linux 8.0
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Opensuse Suse Linux Enterprise Server 12.0
828
VMScore
CVE-2016-2794
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to cause a denial of service (buffer over-read) or possibly have unspecified other...
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0
Sil Graphite2
Suse Linux Enterprise 12.0
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Oracle Linux 6
Oracle Linux 7
Oracle Linux 5.0
828
VMScore
CVE-2016-2799
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via ...
Oracle Linux 5.0
Oracle Linux 7
Oracle Linux 6
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Suse Linux Enterprise 12.0
Opensuse Leap 42.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Sil Graphite2
828
VMScore
CVE-2016-1945
The nsZipArchive function in Mozilla Firefox prior to 44.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.
Mozilla Firefox 43.0.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
818
VMScore
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
58 Github repositories
1 Article
802
VMScore
CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
Proftpd Proftpd 1.3.7
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Simatic Net Cp 1543-1 Firmware
3 Github repositories
801
VMScore
CVE-2020-8233
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.
Ui Edgeswitch Firmware
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
801
VMScore
CVE-2019-10164
PostgreSQL versions 10.x prior to 10.9 and versions 11.x prior to 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arb...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
1 Github repository
801
VMScore
CVE-2019-11328
An issue exists in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance...
Sylabs Singularity
Sylabs Singularity 3.2.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle-15
801
VMScore
CVE-2017-9286
The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade.
Opensuse Leap 42.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »