Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backports vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2019-9775
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2019-9777
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2019-9778
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2019-9779
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
8.8
CVSSv3
CVE-2020-24972
The Kleopatra component prior to 3.1.12 (and prior to 20.07.80) for GnuPG allows remote malicious users to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to lo...
Kleopatra Project Kleopatra
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger...
Gstreamer Project Gst-rtsp-server 1.14.5
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5
CVSSv3
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
Nextcloud Nextcloud Server
Opensuse Backports Sle 15.0
Novell Suse Linux Enterprise Server 12.0
7.5
CVSSv3
CVE-2020-12672
GraphicsMagick up to and including 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5.9
CVSSv3
CVE-2019-16779
In RubyGem excon prior to 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. ...
Excon Project Excon
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
5.3
CVSSv3
CVE-2020-8228
A missing rate limit in the Preferred Providers app 1.7.0 allowed an malicious user to set the password an uncontrolled amount of times.
Nextcloud Preferred Providers 1.7.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »