Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
cve-2020-8616 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to...
Isc
Bind
Debian
Debian Linux
NA
CVE-2020-8617
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers...
Isc
Bind
Debian
Debian Linux
2 Github repositories available
383
VMScore
CVE-2016-8616
A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has...
Haxx
Curl
383
VMScore
CVE-2014-8616
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus....
Fortinet
Fortios
445
VMScore
CVE-2013-2020
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read....
Clamav
Canonical
Ubuntu Linux
Suse
Linux Enterprise Server
383
VMScore
CVE-2013-2021
pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file....
Clamav
Canonical
Ubuntu Linux
Suse
Linux Enterprise Server
NA
CVE-2017-2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none....
NA
CVE-2019-6477
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been...
Isc
Bind
Fedoraproject
Fedora
1 Github repository available
445
VMScore
CVE-2014-2020
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x...
Php
606
VMScore
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a...
Php
2 Github repositories available
1 Article available
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-0708
CVE-2020-13693
CVE-2020-10959
information disclosure
CVE-2020-13659
CVE-2020-13754
quickbox
CSRF
multi server
XML external entity
docker
verizon
CVE-2019-12027
1
2
3
4
5
NEXT »
Vulmon