Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 20 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-9659
cff/cf2intrp.c in the CFF CharString interpreter in FreeType prior to 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote malicious users to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted...
Oracle Solaris 10.0
Oracle Solaris 11.2
Freetype Freetype
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
5
CVSSv2
CVE-2015-3451
The _clone function in XML::LibXML prior to 2.0119 does not properly set the expand_entities option, which allows remote malicious users to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
Xml-libxml Project Xml-libxml
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Debian Debian Linux 8.0
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2023-32004
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects a...
Nodejs Node.js
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2023-32006
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and,...
Nodejs Node.js
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.8
CVSSv2
CVE-2015-1051
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x prior to 7.x-3.6 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
Context Project Context 7.x-3.4
Context Project Context 7.x-3.5
Context Project Context 7.x-3.1
Context Project Context 7.x-3.3
Context Project Context 7.x-3.0
Context Project Context 7.x-3.2
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.8
CVSSv2
CVE-2015-1868
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x prior to 3.6.3, and 3.7.x prior to 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x prior to 3.3.2, and 3.4.x prior to 3.4.4 allows remote malicious users to cause a denial of service (CPU consumption or cr...
Powerdns Authoritative 3.2
Powerdns Authoritative 3.3
Powerdns Authoritative 3.3.1
Powerdns Authoritative 3.3.2
Powerdns Authoritative 3.4.0
Powerdns Authoritative 3.4.1
Powerdns Authoritative 3.4.3
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Powerdns Recursor 3.5
Powerdns Recursor 3.6.0
Powerdns Recursor 3.6.1
Powerdns Recursor 3.6.2
Powerdns Recursor 3.5.3
Powerdns Recursor 3.6.3
Powerdns Recursor 3.7.1
Powerdns Recursor 3.5.2
Powerdns Recursor 3.5.1
10
CVSSv2
CVE-2013-5610
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox
Mozilla Seamonkey
Oracle Solaris 11.3
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
NA
CVE-2023-32003
`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects ...
Nodejs Node.js
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.3
CVSSv2
CVE-2013-6673
Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle malicious users to spoof SSL servers in ...
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
7.5
CVSSv2
CVE-2013-5615
The JavaScript implementation in Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 11
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »