Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2015-6566
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) prior to 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
Zarafa Zarafa Collaboration Platform
Fedoraproject Fedora 21
5
CVSSv2
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote malicious users to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macv...
Qemu Qemu
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2015-6855
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive,...
Qemu Qemu
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Arista Eos -
6.8
CVSSv2
CVE-2015-8036
Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x prior to 1.3.14 and 2.x prior to 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, wh...
Arm Mbed Tls
Polarssl Polarssl
Fedoraproject Fedora 21
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
6.8
CVSSv2
CVE-2015-5291
Heap-based buffer overflow in PolarSSL 1.x prior to 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x prior to 1.3.14 and 2.x prior to 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server...
Arm Mbed Tls
Polarssl Polarssl
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Opensuse Opensuse 13.2
4.3
CVSSv2
CVE-2015-5262
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient prior to 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote malicious users to cause a denial of service (HTTPS call hang) via unspecified vecto...
Fedoraproject Fedora 22
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Canonical Ubuntu Linux 15.04
Apache Httpclient
5 Github repositories
4.6
CVSSv2
CVE-2015-4625
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) prior to 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Fedoraproject Fedora 22
Opensuse Opensuse 13.1
Polkit Project Polkit
6.8
CVSSv2
CVE-2015-5234
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly sanitize applet URLs, which allows remote malicious users to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly relat...
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Server 6.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Redhat Icedtea
Redhat Icedtea 1.6
Fedoraproject Fedora 22
Fedoraproject Fedora 21
4.3
CVSSv2
CVE-2015-5235
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly determine the origin of unsigned applets, which allows remote malicious users to bypass the approval process or trick users into approving applet execution via a crafted web page.
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Redhat Icedtea
Redhat Icedtea 1.6
4.3
CVSSv2
CVE-2015-6938
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook prior to 3.2.2 and Jupyter Notebook 4.0.x prior to 4.0.5 allows remote malicious users to inject arbitrary web script or HTML via a folder name. NOTE: this was originally r...
Jupyter Notebook 4.0.4
Jupyter Notebook 4.0.3
Jupyter Notebook 4.0.2
Jupyter Notebook 4.0.1
Jupyter Notebook 4.0.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Ipython Notebook
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »