Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora core vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45802
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection bu...
Apache Http Server
Fedoraproject Fedora 38
2 Github repositories
5
CVSSv2
CVE-2020-25710
A flaw was found in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Openldap Openldap
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Core Services -
Debian Debian Linux 9.0
Fedoraproject Fedora 33
NA
CVE-2022-42915
curl prior to 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might ref...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9 -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.9
CVSSv2
CVE-2021-3752
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from thi...
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 8.0
Redhat 3scale 2.0
Fedoraproject Fedora 34
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
5.8
CVSSv2
CVE-2021-20322
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat...
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Fas Baseboard Management Controller Firmware -
Netapp Aff Baseboard Management Controller Firmware -
Netapp Aff A700s Firmware -
Netapp H700s Firmware -
Netapp H700e Firmware -
Netapp H500s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp Hci Compute Node Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Article
5
CVSSv2
CVE-2020-11612
The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
Netty Netty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Oncommand Api Services -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Nosql Database
Oracle Communications Messaging Server 8.1
Oracle Communications Design Studio 7.4.2
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2
Oracle Siebel Core - Server Framework
4.8
CVSSv2
CVE-2020-26555
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B up to and including 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
Bluetooth Bluetooth Core Specification
Fedoraproject Fedora 34
Intel Ax210 Firmware -
Intel Ax201 Firmware -
Intel Ax200 Firmware -
Intel Ac 9560 Firmware -
Intel Ac 9462 Firmware -
Intel Ac 9461 Firmware -
Intel Ac 9260 Firmware -
Intel Ac 8265 Firmware -
Intel Ac 8260 Firmware -
Intel Ac 3168 Firmware -
Intel Ac 7265 Firmware -
Intel Ac 3165 Firmware -
Intel Killer Wi-fi 6e Ax1675 Firmware -
Intel Killer Wi-fi 6 Ax1650 Firmware -
Intel Killer Ac 1550 Firmware -
1 Github repository
5
CVSSv2
CVE-2004-1613
Mozilla allows remote malicious users to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstr...
Mozilla Mozilla 1.0
Mozilla Mozilla 1.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.6
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.7
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.2
Mozilla Mozilla 1.8
Sgi Propack 3.0
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.4.2
Mozilla Mozilla 1.4.4
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
Redhat Enterprise Linux 2.1
Redhat Linux 7.3
7.5
CVSSv2
CVE-2021-3177
Python 3.x up to and including 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_para...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Debian Debian Linux 9.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.2.0
3 Github repositories
5
CVSSv2
CVE-2020-1045
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious malicious user to set a second cookie with the name...
Microsoft Asp.net Core
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Aus 8.2
Redhat Enterprise Linux Tus 8.2
Redhat Enterprise Linux Aus 8.4
Redhat Enterprise Linux Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux Tus 8.6
Redhat Enterprise Linux Aus 8.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »