Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backports vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34967
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types ...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-34968
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-33466
Orthanc prior to 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the malicious user to overwrite the configuration, which can be exploited to trigger Remote Code Executio...
Orthanc-server Orthanc
NA
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branch...
Heimdal Project Heimdal 7.8.0
Heimdal Project Heimdal 7.7.1
NA
CVE-2021-46872
An issue exists in Nim prior to 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. (Nim versions 1.6.2 and later are fixed; there may be backports of the fix t...
Nim-lang Nimforum
Nim-lang Nim
NA
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w...
Samba Samba
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-21950
A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2...
Opensuse Canna
Opensuse Canna 3.7p3
4.6
CVSSv2
CVE-2021-45082
An issue exists in Cobbler prior to 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
Cobbler Project Cobbler
Suse Linux Enterprise Server 11
Opensuse Factory -
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Opensuse Backports Sle-15
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.2
CVSSv2
CVE-2022-21944
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local malicious users to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions before 4.9.0. openSUSE F...
Opensuse Factory Watchman
4.3
CVSSv2
CVE-2021-46141
An issue exists in uriparser prior to 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
Uriparser Project Uriparser
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Opensuse Backports Sle-15
Opensuse Factory -
Opensuse Leap 15.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »