Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
CVE-2020-13434 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid respon...
Php Php
Netapp Clustered Data Ontap -
445
VMScore
CVE-2021-21705
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly p...
Php Php
Netapp Clustered Data Ontap -
Oracle Sd-wan Aware 8.2
580
VMScore
CVE-2021-23358
The package underscore from 1.13.0-0 and prior to 1.13.0-2, from 1.3.2 and prior to 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
Underscorejs Underscore
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Tenable Tenable.sc
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5 Github repositories
445
VMScore
CVE-2020-7071
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL...
Php Php
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
445
VMScore
CVE-2021-21702
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.
Php Php
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Oracle Communications Diameter Signaling Router
570
VMScore
CVE-2020-7069
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
Php Php
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
Netapp Clustered Data Ontap -
Oracle Communications Diameter Signaling Router
Tenable Tenable.sc
445
VMScore
CVE-2020-7070
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading t...
Php Php
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
Netapp Clustered Data Ontap -
Tenable Tenable.sc
294
VMScore
CVE-2020-7068
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
Php Php
Debian Debian Linux 10.0
Tenable Tenable.sc
188
VMScore
CVE-2020-13434
SQLite up to and including 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
Sqlite Sqlite
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 12.0
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd
Oracle Outside In Technology 8.5.5
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Communications Cloud Native Core Policy 1.14.0
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Icloud
Apple Itunes
2 Github repositories
445
VMScore
CVE-2019-11048
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request...
Php Php
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »