Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 2.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2002-0401
SMB dissector in Ethereal 0.9.3 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
Ethereal Ethereal
Debian Debian Linux 2.2
7.3
CVSSv3
CVE-2021-44420
In Django 2.2 prior to 2.2.25, 3.1 prior to 3.1.14, and 3.2 prior to 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
Djangoproject Django
Redhat Satellite 6.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 35
6.8
CVSSv3
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.3
Opensuse Leap 42.2
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.4.8
W1.fi Hostapd 0.2.6
1 Article
6.5
CVSSv3
CVE-2021-40491
The ftp client in GNU Inetutils prior to 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
Gnu Inetutils
Debian Debian Linux 10.0
6.1
CVSSv3
CVE-2022-22818
The {% debug %} template tag in Django 2.2 prior to 2.2.27, 3.2 prior to 3.2.12, and 4.0 prior to 4.0.2 does not properly encode the current context. This may lead to XSS.
Djangoproject Django
Fedoraproject Fedora 35
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2020-13596
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
Djangoproject Django
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
1 Github repository
5.9
CVSSv3
CVE-2020-13254
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
2 Github repositories
5.9
CVSSv3
CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby prior to 2.0.0 patchlevel 645, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.2 does not properly validate hostnames, which allows remote malicious users to spoof servers via vectors related to (1) multiple wildcards, (1)...
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby
Ruby-lang Trunk
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Puppet Puppet Agent 1.0.0
Puppet Puppet Enterprise
1 Github repository
5.9
CVSSv3
CVE-2013-4584
Perdition prior to 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
Horms Perdition
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.6
CVSSv3
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »