Vulmon
fedoraproject fedora 23 vulnerabilities and exploits
6.1
CVSSv3
CVE-2016-1000110
The CGIHandler class in Python prior to 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote malicious user to redirect HTTP requests.
Python Python
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 23
6.1
CVSSv3
CVE-2016-2228
Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary web script or HTML via the searchfield parameter, as demon...
Debian Debian Linux 8.0
Horde Horde Groupware
Horde Groupware
Fedoraproject Fedora 22
Fedoraproject Fedora 23
6.1
CVSSv3
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Horde Groupware 5.2.11
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2016-0725
Cross-site scripting (XSS) vulnerability in the search_pagination function in course/classes/management_renderer.php in Moodle 2.8.x prior to 2.8.10, 2.9.x prior to 2.9.4, and 3.0.x prior to 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted ...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.8.9
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 3.0.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.8.5
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.8.2
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
6.1
CVSSv3
CVE-2016-1926
Cross-site scripting (XSS) vulnerability in the charts module in Greenbone Security Assistant (GSA) 6.x prior to 6.0.8 allows remote malicious users to inject arbitrary web script or HTML via the aggregate_type parameter in a get_aggregate command to omp.
Greenbone Greenbone Security Assistant 6.0.2
Greenbone Greenbone Security Assistant 6.0.6
Greenbone Greenbone Security Assistant 6.0.0
Greenbone Greenbone Security Assistant 6.0.3
Greenbone Greenbone Security Assistant 6.0.4
Greenbone Greenbone Security Assistant 6.0.5
Greenbone Greenbone Security Assistant 6.0.1
Greenbone Greenbone Security Assistant 6.0.7
Greenbone Greenbone Os 3.1.6
Greenbone Greenbone Os 3.1.21
Greenbone Greenbone Os 3.1.17
Greenbone Greenbone Os 3.1.11
Greenbone Greenbone Os 3.1.10
Greenbone Greenbone Os 3.1.16
Greenbone Greenbone Os 3.1.19
Greenbone Greenbone Os 3.1.9
Greenbone Greenbone Os 3.1.1
Greenbone Greenbone Os 3.1.7
Greenbone Greenbone Os 3.1.14
Greenbone Greenbone Os 3.1.15
Greenbone Greenbone Os 3.1.12
Greenbone Greenbone Os 3.1.18
6
CVSSv3
CVE-2016-4037
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Qemu Qemu
Qemu Qemu 2.6.0
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2023-5981
A vulnerability was found in which the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding.
Gnu Gnutls 1.5.0
Redhat Linux 8.0
Redhat Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.9
CVSSv3
CVE-2016-4008
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 prior to 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote malicious users to cause a denial of service (infinite recursion) via a crafted certificate.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.2
Gnu Libtasn1
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
5.9
CVSSv3
CVE-2016-2316
chan_sip in Asterisk Open Source 1.8.x, 11.x prior to 11.21.1, 12.x, and 13.x prior to 13.7.1 and Certified Asterisk 1.8.28, 11.6 prior to 11.6-cert12, and 13.1 prior to 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote malicio...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Digium Asterisk 1.8.3
Digium Asterisk 1.8.8.0
Digium Asterisk 13.1.0
Digium Asterisk 1.8.11.0
Digium Asterisk 1.8.24.1
Digium Asterisk 12.0.0
Digium Asterisk 1.8.2.4
Digium Certified Asterisk 11.6
Digium Certified Asterisk 13.1.0
Digium Asterisk 1.8.20.2
Digium Asterisk 1.8.0
Digium Asterisk 13.7.0
Digium Asterisk 1.8.6.0
Digium Asterisk 12.3.1
Digium Asterisk 1.8.1
Digium Asterisk 11.21.0
Digium Asterisk 1.8.1.2
Digium Asterisk 11.8.0
Digium Asterisk 1.8.7.1
Digium Asterisk 11.0.0
5.9
CVSSv3
CVE-2016-1231
Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x prior to 0.9.9 allows remote malicious users to read arbitrary files via a .. (dot dot) in an unspecified path.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Prosody Prosody 0.9.3
Prosody Prosody 0.9.6
Prosody Prosody 0.9.5
Prosody Prosody 0.9.2
Prosody Prosody 0.9.7
Prosody Prosody 0.9.0
Prosody Prosody 0.9.4
Prosody Prosody 0.9.1
Prosody Prosody 0.9.8
Debian Debian Linux 8.0
Debian Debian Linux 7.0