Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-15130
A denial of service flaw was found in dovecot prior to 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart.
Dovecot Dovecot
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
6.5
CVSSv3
CVE-2018-6541
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
Zziplib Project Zziplib 0.13.67
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2017-15132
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the pr...
Dovecot Dovecot 2.3.0
Dovecot Dovecot
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
7.8
CVSSv3
CVE-2017-1000229
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an malicious user to remotely execute code or cause denial of service.
Optipng Project Optipng 0.7.6
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-5208
Integer overflow in the wrestool program in icoutils prior to 0.31.1 allows remote malicious users to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
Icoutils Project Icoutils
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.3
8.1
CVSSv3
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2017-9433
Document Liberation Project libmwaw prior to 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
Libmwaw Project Libmwaw
6.5
CVSSv3
CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with...
Samba Samba
9.8
CVSSv3
CVE-2014-9654
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ prior to 2014-12-03, as used in Google Chrome prior to 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote malicious us...
Google Chrome
Icu-project International Components For Unicode
7.5
CVSSv3
CVE-2015-8270
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).
Rtmpdump Project Rtmpdump 2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »