Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise linux vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-5741
The net/http library in net/http/transfer.go in Go prior to 1.4.3 does not properly parse HTTP headers, which allows remote malicious users to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.
Golang Go
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Enterprise Linux 7.0
9.8
CVSSv3
CVE-2019-15605
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
Nodejs Node.js
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Opensuse Leap 15.1
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
9.8
CVSSv3
CVE-2019-15606
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
Nodejs Node.js
Oracle Graalvm 20.0.0
Oracle Graalvm 19.3.1
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.4.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-14906
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions up to and including 1.2.15 and 2.x up to and including 2.0.9 has a heap-based buffer overflow flaw while copying...
Libsdl Simple Directmedia Layer
Redhat Enterprise Linux 7.0
9.8
CVSSv3
CVE-2019-20330
FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databind
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Global Lifecycle Management Opatch
Oracle Trace File Analyzer 19c
9.8
CVSSv3
CVE-2020-5312
libImaging/PcxDecode.c in Pillow prior to 6.2.2 has a PCX P mode buffer overflow.
Python Pillow
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-19333
In all versions of libyang prior to 1.0-r5, a stack-based buffer overflow exists in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an maliciou...
Cesnet Libyang 1.0
Cesnet Libyang 0.16
Cesnet Libyang 0.13
Cesnet Libyang 0.12
Cesnet Libyang 0.11
Cesnet Libyang 0.14
Cesnet Libyang 0.15
Redhat Enterprise Linux 8.0
9.8
CVSSv3
CVE-2019-19334
In all versions of libyang prior to 1.0-r5, a stack-based buffer overflow exists in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an m...
Cesnet Libyang 1.0
Cesnet Libyang 0.16
Cesnet Libyang 0.13
Cesnet Libyang 0.12
Cesnet Libyang 0.11
Cesnet Libyang 0.14
Cesnet Libyang 0.15
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Horizon Daas
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Openslp Openslp 1.2.1
Openslp Openslp 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »