Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-9668
The woff_open_font function in sfnt/sfobjs.c in FreeType prior to 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote malicious users to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Freetype Freetype
445
VMScore
CVE-2015-6855
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive,...
Qemu Qemu
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Arista Eos -
668
VMScore
CVE-2021-3420
A flaw was found in newlib in versions before 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buf...
Newlib Project Newlib
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Article
668
VMScore
CVE-2022-24724
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to heap memory corruption when parsing table...
Github Cmark-gfm
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
668
VMScore
CVE-2014-9656
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType prior to 2.5.4 does not properly check for an integer overflow, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenT...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Freetype Freetype
Debian Debian Linux 7.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
383
VMScore
CVE-2015-5235
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly determine the origin of unsigned applets, which allows remote malicious users to bypass the approval process or trick users into approving applet execution via a crafted web page.
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Redhat Icedtea
Redhat Icedtea 1.6
668
VMScore
CVE-2014-9662
cff/cf2ft.c in FreeType prior to 2.5.4 does not validate the return values of point-allocation functions, which allows remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Freetype Freetype
605
VMScore
CVE-2015-5234
IcedTea-Web prior to 1.5.3 and 1.6.x prior to 1.6.1 does not properly sanitize applet URLs, which allows remote malicious users to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly relat...
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Server 6.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Redhat Icedtea
Redhat Icedtea 1.6
Fedoraproject Fedora 22
Fedoraproject Fedora 21
445
VMScore
CVE-2015-3451
The _clone function in XML::LibXML prior to 2.0119 does not properly set the expand_entities option, which allows remote malicious users to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
Xml-libxml Project Xml-libxml
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Debian Debian Linux 8.0
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
668
VMScore
CVE-2014-9659
cff/cf2intrp.c in the CFF CharString interpreter in FreeType prior to 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote malicious users to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted...
Oracle Solaris 10.0
Oracle Solaris 11.2
Freetype Freetype
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »