Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bugzilla vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-8851
node-uuid prior to 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for malicious users to have unspecified impact via brute force guessing.
Node-uuid Project Node-uuid
1 Github repository
7.5
CVSSv3
CVE-2015-0294
GnuTLS prior to 3.3.13 does not validate that the signature algorithms match when importing a certificate.
Gnu Gnutls
Debian Debian Linux 7.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 7.0
4.3
CVSSv3
CVE-2014-8161
PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2015-5239
Integer overflow in the VNC display driver in QEMU prior to 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 12
Arista Eos 4.15
Arista Eos 4.14
Arista Eos 4.13
Arista Eos 4.12
7.5
CVSSv3
CVE-2015-1811
XML external entity (XXE) vulnerability in CloudBees Jenkins prior to 1.600 and LTS prior to 1.596.1 allows remote malicious users to read arbitrary XML files via a crafted XML document.
Jenkins Cloudbees
NA
CVE-2015-1850
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an exploitable issue. Notes: none.
6.5
CVSSv3
CVE-2015-3147
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Automatic Bug Reporting Tool -
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
7.8
CVSSv3
CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
Redhat Automatic Bug Reporting Tool -
7.1
CVSSv3
CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
Redhat Automatic Bug Reporting Tool -
7.8
CVSSv3
CVE-2015-3159
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges.
Redhat Automatic Bug Reporting Tool -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »