Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alpine vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-9671
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Alpinelinux Alpine Linux -
1 Article
7.5
CVSSv3
CVE-2022-23553
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.
Alpine Project Alpine
7.5
CVSSv3
CVE-2021-30139
In Alpine Linux apk-tools prior to 2.12.5, the tarball parser allows a buffer overflow and crash.
2 Github repositories
7.5
CVSSv3
CVE-2020-14929
Alpine prior to 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Alpine Project Alpine
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
307 Github repositories
4 Articles
6.7
CVSSv3
CVE-2020-15596
The ALPS ALPINE touchpad driver prior to 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows malicious users to conduct Path Disclosure attacks via a "fake" DLL file.
Hp Elite X2 1012 G1 Firmware
Hp Elite X2 1012 G2 Firmware
Hp Elitebook 1030 G1 Firmware
Hp Elitebook 1040 G4 Firmware
Hp Elitebook Folio 1040 G3 Firmware
Hp Elitebook Folio G1 Firmware
Hp Elitebook Revolve 810 G2 Firmware
Hp Elitebook Revolve 810 G3 Firmware
Hp Elitebook X360 1020 G2 Firmware
Hp Elitebook X360 1030 G2 Firmware
Hp Pro X2 612 G2 Firmware
Hp Zbook Studio G3 Firmware
Hp Zbook Studio G4 Firmware
Hp Zbook X2 G4 Firmware
6.5
CVSSv3
CVE-2015-9432
The alpine-photo-tile-for-instagram plugin prior to 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab parameter.
Thealpinepress Alpine-photo-tile-for-instagram
6.5
CVSSv3
CVE-2019-12875
Alpine Linux abuild up to and including 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
Alpinelinux Abuild
6.1
CVSSv3
CVE-2017-20087
A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely.
Thealpinepress Alpine-photo-tile-for-instagram 1.2.7.7
5.9
CVSSv3
CVE-2021-46853
Alpine prior to 2.25 allows remote malicious users to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Alpine Project Alpine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »