Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backports vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2019-15624
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
Nextcloud Nextcloud Server
Opensuse Backports Sle-15
Suse Suse Linux Enterprise Server 12
7.5
CVSSv3
CVE-2020-12672
GraphicsMagick up to and including 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.5
CVSSv3
CVE-2019-10206
ansible-playbook -k and ansible cli tools, all versions 2.8.x prior to 2.8.4, all 2.7.x prior to 2.7.13 and all 2.6.x prior to 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trig...
Redhat Ansible
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger...
Gstreamer Project Gst-rtsp-server 1.14.5
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
8.8
CVSSv3
CVE-2020-24972
The Kleopatra component prior to 3.1.12 (and prior to 20.07.80) for GnuPG allows remote malicious users to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to lo...
Kleopatra Project Kleopatra
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.5
CVSSv3
CVE-2020-6494
Incorrect security UI in payments in Google Chrome on Android before 83.0.4103.97 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
9.1
CVSSv3
CVE-2019-9775
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5
CVSSv3
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
Nextcloud Nextcloud Server
Opensuse Backports Sle 15.0
Novell Suse Linux Enterprise Server 12.0
8.8
CVSSv3
CVE-2019-5057
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Libsdl Sdl2 Image 2.0.4
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
8.8
CVSSv3
CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Libsdl Sdl2 Image 2.0.4
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »