Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6681
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote malicious users to determine passwords via a dictionary attack.
Chetcpasswd Chetcpasswd 2.3.3
NA
CVE-2002-2219
chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd prior to 2.1 allows remote malicious users to read the last line of the shadow file via a long user (userid) field.
Chetcpasswd Chetcpasswd 2.1
1 EDB exploit
NA
CVE-2006-6680
Pedro Lineu Orso chetcpasswd prior to 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file.
Chetcpasswd Chetcpasswd 2.2.1
7.5
CVSSv3
CVE-2006-6679
Pedro Lineu Orso chetcpasswd prior to 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote malicious users to gain unauthorized access by spoofing this header.
Chetcpasswd Project Chetcpasswd
NA
CVE-2002-2221
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and previous versions allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
Chetcpasswd Chetcpasswd 2.3.1
Chetcpasswd Chetcpasswd 2.3.3
Chetcpasswd Chetcpasswd 2.4.1
NA
CVE-2006-6682
Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote malicious users to determine valid usernames on the system.
Chetcpasswd Project Chetcpasswd 2.3.3
NA
CVE-2013-1056
X.org X server 1.13.3 and previous versions, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
NA
CVE-2014-1691
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde prior to 5.1.1 allows remote malicious users to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
Horde Horde Application Framework 5.0.4
Horde Horde Application Framework 5.0.2
Horde Horde Application Framework 5.0.1
Horde Horde Application Framework 5.0.0
Horde Horde Application Framework
Horde Horde Application Framework 5.0.3
1 EDB exploit
8.8
CVSSv3
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
Gnome Gdkpixbuf 2.42.6
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2021-46829
GNOME GdkPixbuf (aka GDK-PixBuf) prior to 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit...
Gnome Gdk-pixbuf
Fedoraproject Fedora 35
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »