Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 15 vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2011-2520
fw_dbus.py in system-config-firewall 1.2.29 and previous versions uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
Redhat System-config-firewall
Fedoraproject Fedora 15
531
VMScore
CVE-2011-1002
avahi-core/socket.c in avahi-daemon in Avahi prior to 0.6.29 allows remote malicious users to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
Avahi Avahi 0.6.25
Avahi Avahi 0.6.5
Avahi Avahi 0.6.20
Avahi Avahi 0.6.19
Avahi Avahi 0.5.2
Avahi Avahi 0.6.1
Avahi Avahi 0.6.13
Avahi Avahi 0.6.15
Avahi Avahi 0.6.7
Avahi Avahi 0.6.17
Avahi Avahi 0.6.16
Avahi Avahi 0.3
Avahi Avahi
Avahi Avahi 0.6.24
Avahi Avahi 0.6.23
Avahi Avahi 0.6.9
Avahi Avahi 0.2
Avahi Avahi 0.1
Avahi Avahi 0.6.14
Avahi Avahi 0.6.10
Avahi Avahi 0.6.27
Avahi Avahi 0.6.6
2 Nmap scripts
4 Github repositories
525
VMScore
CVE-2016-1000110
The CGIHandler class in Python prior to 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote malicious user to redirect HTTP requests.
Python Python
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 23
1 Article
516
VMScore
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability exists in the secure mode of the messenger v2 protocol, which can allow an malicious user to forge auth tags and potentially manipulate the data by l...
Redhat Openshift 4.2
Redhat Ceph Storage 4.0
Redhat Openstack 15
Linuxfoundation Ceph
Fedoraproject Fedora 31
516
VMScore
CVE-2020-6425
Insufficient policy enforcement in extensions in Google Chrome before 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle-15
516
VMScore
CVE-2019-5823
Insufficient policy enforcement in service workers in Google Chrome before 74.0.3729.108 allowed a remote malicious user to bypass navigation restrictions via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Debian Debian Linux 10.0
Opensuse Leap 15.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Backports Sle-15
Opensuse Leap 15.1
513
VMScore
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
196 Github repositories
9 Articles
454
VMScore
CVE-2021-30984
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Macos
Apple Safari
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
454
VMScore
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
446
VMScore
CVE-2020-26258
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote malicious user to request data from internal resources tha...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »