Vulmon
bug library project bug library vulnerabilities and exploits
CVSSv2: 6.9
CVE-2011-4355
GNU Project Debugger (GDB) prior to 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
Gnu Gdb 6.1
Gnu Gdb 6.1.1
Gnu Gdb 5.2.1
Gnu Gdb 6.3
Gnu Gdb 5.1.1
Gnu Gdb 6.7.1
Gnu Gdb 6.2
Gnu Gdb 5.2
Gnu Gdb 4.18
Gnu Gdb 5.1
Gnu Gdb 7.3.1
Gnu Gdb 5.0
Gnu Gdb 7.2
Gnu Gdb 5.0.92
Gnu Gdb 6.5
Gnu Gdb 6.4
Gnu Gdb 7.4
Gnu Gdb 7.0
Gnu Gdb 6.8
Gnu Gdb 7.3
Gnu Gdb 6.2.1
Gnu Gdb 6.6
NA
CVE-2022-40674
libexpat prior to 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2: 5
CVE-2017-9229
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_rang...
Oniguruma Project Oniguruma 6.2.0
Ruby-lang Ruby
Php Php
CVSSv2: 2.1
CVE-2018-15854
Unchecked NULL pointer usage in xkbcommon prior to 0.8.1 could be used by local malicious users to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly.
Xkbcommon Project Xkbcommon
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
CVSSv2: 2.1
CVE-2018-15855
Unchecked NULL pointer usage in xkbcommon prior to 0.8.1 could be used by local malicious users to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled.
Xkbcommon Project Xkbcommon
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
CVSSv2: 7.5
CVE-2022-23852
Expat (aka libexpat) prior to 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Libexpat Project Libexpat
Netapp Oncommand Workflow Automation -
Netapp Clustered Data Ontap -
Tenable Nessus
Debian Debian Linux 9.0
Oracle Communications Metasolv Solution 6.3.1
Siemens Sinema Remote Connect Server
CVSSv2: 7.5
CVE-2022-22822
addBinding in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Siemens Sinema Remote Connect Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Article
CVSSv2: 7.5
CVE-2022-22823
build_model in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
CVSSv2: 7.5
CVE-2022-22824
defineAttribute in xmlparse.c in Expat (aka libexpat) prior to 2.4.3 has an integer overflow.
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
1 Article
CVSSv2: 5
CVE-2021-43859
XStream is an open source Java library to serialize objects to XML and back again. Versions before 1.4.19 may allow a remote malicious user to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic...
Xstream Project Xstream
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Oracle Communications Policy Management 12.6.0.0.0
Oracle Communications Diameter Intelligence Hub
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine