Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora core vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-33829
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 up to and including 4.16.x prior to 4.16.1 allows remote malicious users to inject executable JavaScript code through a crafted comment because --!> is mishandled.
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Drupal Drupal
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2023-45802
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection bu...
Apache Http Server
Fedoraproject Fedora 38
2 Github repositories
6.5
CVSSv3
CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.18.5 and 1.19.x prior to 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
Mit Kerberos 5
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
10
CVSSv3
CVE-2021-41556
sqclass.cpp in Squirrel up to and including 2.2.5 and 3.x up to and including 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the malicious user to break ou...
Squirrel-lang Squirrel
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8
CVSSv3
CVE-2021-4157
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileg...
Linux Linux Kernel
Fedoraproject Fedora 35
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H500e Firmware -
Netapp H500s Firmware -
Netapp H700e Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Binding Support Function 22.1.1
Oracle Communications Cloud Native Core Binding Support Function 22.2.0
6.5
CVSSv3
CVE-2021-37976
Inappropriate implementation in Memory in Google Chrome before 94.0.4606.71 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Articles
7.5
CVSSv3
CVE-2022-30522
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
Apache Http Server 2.4.53
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.3
CVSSv3
CVE-2022-28614
The ap_rwrite() function in Apache HTTP Server 2.4.53 and previous versions may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separa...
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
9.1
CVSSv3
CVE-2022-28615
Apache HTTP Server 2.4.53 and previous versions may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or...
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
9.8
CVSSv3
CVE-2022-31813
Apache HTTP Server 2.4.53 and previous versions may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Apache Http Server
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »