Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
Qemu Qemu
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.3
CVSSv3
CVE-2022-3140
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be con...
Libreoffice Libreoffice 7.4.0
Libreoffice Libreoffice
Debian Debian Linux 11.0
Fedoraproject Fedora 35
5.5
CVSSv3
CVE-2022-31628
In PHP versions prior to 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Php Php
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
6.5
CVSSv3
CVE-2022-31629
In PHP versions prior to 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site malicious users to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Php Php
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
9.8
CVSSv3
CVE-2022-41352
An issue exists in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over...
Zimbra Collaboration 9.0.0
Zimbra Collaboration 8.8.15
1 Metasploit module
4 Github repositories
1 Article
7.1
CVSSv3
CVE-2022-2347
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a...
Denx U-boot
8.2
CVSSv3
CVE-2022-2881
The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
Isc Bind
7.5
CVSSv3
CVE-2022-3080
By sending specific queries to the resolver, an attacker can cause named to crash.
Isc Bind 9.16.21
Isc Bind
Isc Bind 9.16.32
Isc Bind 9.16.14
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind 9.11.35
Isc Bind 9.11.14-s1
Isc Bind 9.11.19-s1
Isc Bind 9.11.37
7.5
CVSSv3
CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind 9.11.35
Isc Bind 9.11.14-s1
Isc Bind 9.11.19-s1
Isc Bind 9.11.37
Isc Bind 9.16.32
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »