Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 18 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-1114
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
Ldap-account-manager Ldap Account Manager 3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 16
Fedoraproject Fedora 17
Fedoraproject Fedora 18
4.3
CVSSv2
CVE-2012-1115
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
Ldap-account-manager Ldap Account Manager 3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 16
Fedoraproject Fedora 17
Fedoraproject Fedora 18
4.3
CVSSv2
CVE-2013-4168
Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields.
Smokeping Smokeping 2.6.9
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 18
Fedoraproject Fedora 19
4.3
CVSSv2
CVE-2013-1931
A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote malicious users to inject arbitrary web script or HTML via a version, related to deleting a version.
Mantisbt Mantisbt 1.2.14
Fedoraproject Fedora 17
Fedoraproject Fedora 18
4.3
CVSSv2
CVE-2013-2191
python-bugzilla prior to 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle malicious users to spoof Bugzilla servers via a crafted certificate.
Python Bugzilla Project Python-bugzilla
Python Bugzilla Project Python-bugzilla 0.7.0
Python Bugzilla Project Python-bugzilla 0.6.2
Python Bugzilla Project Python-bugzilla 0.6.1
Python Bugzilla Project Python-bugzilla 0.6.0
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Opensuse Opensuse 11.4
4.3
CVSSv2
CVE-2011-5268
connection.c in Bip prior to 0.8.9 does not properly close sockets, which allows remote malicious users to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLI...
Duckcorp Bip 0.8.1
Duckcorp Bip 0.8.2
Duckcorp Bip 0.8.3
Duckcorp Bip 0.8.4
Duckcorp Bip 0.8.0
Duckcorp Bip 0.8.5
Duckcorp Bip 0.8.6
Duckcorp Bip 0.8.7
Duckcorp Bip
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Fedoraproject Fedora 18
4.3
CVSSv2
CVE-2013-1812
The ruby-openid gem prior to 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Janrain Ruby-openid
Janrain Ruby-openid 2.2.0
4.3
CVSSv2
CVE-2013-6673
Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle malicious users to spoof SSL servers in ...
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
4.3
CVSSv2
CVE-2013-4589
The ExportAlphaQuantumType function in export.c in GraphicsMagick prior to 1.3.18 might allow remote malicious users to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.
Novell Suse Linux Enterprise Debuginfo 11
Novell Suse Studio Onsite 1.3
Novell Suse Linux Enterprise Software Development Kit 11.0
Graphicsmagick Graphicsmagick 1.3.13
Graphicsmagick Graphicsmagick 1.1.11
Graphicsmagick Graphicsmagick 1.0.1
Graphicsmagick Graphicsmagick 1.3.15
Graphicsmagick Graphicsmagick 1.3.14
Graphicsmagick Graphicsmagick 1.3.11
Graphicsmagick Graphicsmagick 1.1
Graphicsmagick Graphicsmagick 1.2.2
Graphicsmagick Graphicsmagick 1.1.3
Graphicsmagick Graphicsmagick 1.1.5
Graphicsmagick Graphicsmagick 1.2.18
Graphicsmagick Graphicsmagick 1.1.10
Graphicsmagick Graphicsmagick 1.0
Graphicsmagick Graphicsmagick 1.2.5
Graphicsmagick Graphicsmagick 1.3.9
Graphicsmagick Graphicsmagick 1.2.3
Graphicsmagick Graphicsmagick 1.3.8
Graphicsmagick Graphicsmagick 1.3.16
Graphicsmagick Graphicsmagick 1.1.4
4.3
CVSSv2
CVE-2013-0237
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload prior to 1.5.5, as used in WordPress prior to 3.5.1 and other products, allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Wordpress Wordpress 3.3.3
Wordpress Wordpress 3.3.2
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.6.1
Wordpress Wordpress 2.6
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.7
Wordpress Wordpress 2.9
Wordpress Wordpress 2.9.1
Wordpress Wordpress 2.6.5
Wordpress Wordpress 1.6.2
Wordpress Wordpress 1.5.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.3
Wordpress Wordpress 1.3.2
Wordpress Wordpress 0.71
Moxiecode Plupload
Wordpress Wordpress
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »