Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project login security vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Unzip Project Unzip 6.0
4.3
CVSSv2
CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Unzip Project Unzip 6.0
1 Github repository
2.1
CVSSv2
CVE-2014-9496
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows malicious users to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
Libsndfile Project Libsndfile
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Oracle Solaris 11.2
6.8
CVSSv2
CVE-2011-4516
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker...
Jasper Project Jasper 1.900.1
Suse Linux Enterprise Server 11
Fedoraproject Fedora 16
Canonical Ubuntu Linux 10.10
Suse Linux Enterprise Desktop 11
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Debian Debian Linux 6.0
Fedoraproject Fedora 15
Canonical Ubuntu Linux 10.04
Suse Linux Enterprise Software Development Kit 11
Oracle Outside In Technology 8.3.5
Oracle Outside In Technology 8.3.7
6.8
CVSSv2
CVE-2011-4517
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote malicious users to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memo...
Jasper Project Jasper 1.900.1
Suse Linux Enterprise Server 11
Fedoraproject Fedora 16
Canonical Ubuntu Linux 10.10
Suse Linux Enterprise Desktop 11
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Debian Debian Linux 6.0
Fedoraproject Fedora 15
Canonical Ubuntu Linux 10.04
Suse Linux Enterprise Software Development Kit 11
Oracle Outside In Technology 8.3.5
Oracle Outside In Technology 8.3.7
Redhat Enterprise Linux Desktop 4
4.3
CVSSv2
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
4
CVSSv2
CVE-2014-2665
includes/specials/SpecialChangePassword.php in MediaWiki prior to 1.19.14, 1.20.x and 1.21.x prior to 1.21.8, and 1.22.x prior to 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain...
Mediawiki Mediawiki 1.22.3
Mediawiki Mediawiki 1.22.2
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21.3
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.21.6
Mediawiki Mediawiki 1.21.5
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.12
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.22.4
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.20.3
6.8
CVSSv2
CVE-2017-5208
Integer overflow in the wrestool program in icoutils prior to 0.31.1 allows remote malicious users to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
Icoutils Project Icoutils
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.3
6.5
CVSSv2
CVE-2017-0926
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.
Gitlab Gitlab
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-5332
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils prior to 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Icoutils Project Icoutils
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.7
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Opensuse Leap 42.1
Opensuse Leap 42.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »