Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote malicious users to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macv...
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Debian Debian Linux 8.0
Debian Debian Linux 7.0
7.5
CVSSv3
CVE-2015-6855
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive,...
Qemu Qemu
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Arista Eos -
NA
CVE-2015-5291
Heap-based buffer overflow in PolarSSL 1.x prior to 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x prior to 1.3.14 and 2.x prior to 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server...
Arm Mbed Tls
Polarssl Polarssl
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Opensuse Leap 42.1
Opensuse Opensuse 13.2
NA
CVE-2015-8036
Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x prior to 1.3.14 and 2.x prior to 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, wh...
Arm Mbed Tls
Polarssl Polarssl
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
NA
CVE-2015-5262
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient prior to 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote malicious users to cause a denial of service (HTTPS call hang) via unspecified vecto...
Fedoraproject Fedora 22
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Canonical Ubuntu Linux 15.04
Apache Httpclient
5 Github repositories
NA
CVE-2015-4625
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) prior to 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Polkit Project Polkit
NA
CVE-2015-5234
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly sanitize applet URLs, which allows remote malicious users to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly relat...
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Redhat Icedtea 1.6
Redhat Icedtea
Fedoraproject Fedora 22
Fedoraproject Fedora 21
NA
CVE-2015-5235
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly determine the origin of unsigned applets, which allows remote malicious users to bypass the approval process or trick users into approving applet execution via a crafted web page.
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Hpc Node 6
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Redhat Icedtea 1.6
Redhat Icedtea
NA
CVE-2015-6938
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook prior to 3.2.2 and Jupyter Notebook 4.0.x prior to 4.0.5 allows remote malicious users to inject arbitrary web script or HTML via a folder name. NOTE: this was originally r...
Jupyter Notebook 4.0.2
Jupyter Notebook 4.0.0
Jupyter Notebook 4.0.4
Jupyter Notebook 4.0.1
Jupyter Notebook 4.0.3
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Ipython Notebook
NA
CVE-2015-6665
Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x prior to 7.39 and the Ctools module 6.x-1.x prior to 6.x-1.14 for Drupal allows remote malicious users to inject arbitrary web script or HTML via vectors involving a whitelisted HTML element, possibly rela...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Drupal Drupal 7.0
Drupal Drupal 7.16
Drupal Drupal 7.21
Drupal Drupal 7.18
Drupal Drupal 7.15
Drupal Drupal 7.38
Drupal Drupal 7.3
Drupal Drupal 7.17
Drupal Drupal 7.8
Drupal Drupal 7.13
Drupal Drupal 7.35
Drupal Drupal 7.20
Drupal Drupal 7.5
Drupal Drupal 7.10
Drupal Drupal 7.30
Drupal Drupal 7.27
Drupal Drupal 7.6
Drupal Drupal 7.12
Drupal Drupal 7.34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »