Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2008-3162
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.4.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.4.8
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.4.5
1 EDB exploit
905
VMScore
CVE-2017-16921
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of ...
Otrs Otrs 4.0.24
Otrs Otrs 4.0.22
Otrs Otrs 4.0.15
Otrs Otrs 4.0.13
Otrs Otrs 4.0.6
Otrs Otrs 4.0.4
Otrs Otrs 5.0.23
Otrs Otrs 5.0.21
Otrs Otrs 5.0.14
Otrs Otrs 5.0.12
Otrs Otrs 5.0.5
Otrs Otrs 5.0.3
Otrs Otrs 5.0.0
Otrs Otrs 6.0.0
Otrs Otrs 4.0.20
Otrs Otrs 4.0.19
Otrs Otrs 4.0.18
Otrs Otrs 4.0.17
Otrs Otrs 4.0.16
Otrs Otrs 4.0.3
Otrs Otrs 4.0.2
Otrs Otrs 4.0.1
1 EDB exploit
893
VMScore
CVE-2020-7247
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote malicious users to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncomm...
Openbsd Opensmtpd 6.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
9 Github repositories
1 Article
892
VMScore
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
892
VMScore
CVE-2022-23221
H2 Console prior to 2.1.210 allows remote malicious users to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.
H2database H2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Communications Cloud Native Core Console 1.9.0
5 Github repositories
892
VMScore
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited thr...
H2database H2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Communications Cloud Native Core Policy 1.15.0
8 Github repositories
892
VMScore
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
892
VMScore
CVE-2012-0470
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x up to and including 11.0, Firefox ESR 10.x prior to 10.0.4, Thunderbird 5.0 up to and including 11.0, Thunderbird ESR 10.x prior to 10.0.4, and SeaMonkey prior to 2.9 allow...
Mozilla Firefox 4.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 10.0
Mozilla Firefox 10.0.1
Mozilla Firefox 10.0.2
Mozilla Firefox 5.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0
Mozilla Firefox 7.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Thunderbird 7.0
891
VMScore
CVE-2019-14901
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x prior to 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote malicious user to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat...
Linux Linux Kernel
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
891
VMScore
CVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel up to and including 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »