Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 7.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-1000069
FreePlane version 1.5.9 and previous versions contains a XML External Entity (XXE) vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This ...
Freeplane Freeplane
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5.4
CVSSv3
CVE-2017-17092
wp-includes/functions.php in WordPress prior to 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote malicious users to conduct XSS attacks via a crafted file.
Wordpress Wordpress
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2018-7600
Drupal prior to 7.58, 8.x prior to 8.3.9, 8.4.x prior to 8.4.6, and 8.5.x prior to 8.5.1 allows remote malicious users to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
3 EDB exploits
62 Github repositories
2 Articles
9.8
CVSSv3
CVE-2018-7602
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows malicious users to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal co...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 EDB exploits
8 Github repositories
8.8
CVSSv3
CVE-2017-16664
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 prior to 5.0.24, 4 prior to 4.0.26, and 3.3 prior to 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2017-1000421
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
Lcdf Gifsicle
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-1000450
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-7651
In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. This can be done without authentications if occur in connection phase of MQTT protocol.
Eclipse Mosquitto
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv3
CVE-2017-7652
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets availa...
Eclipse Mosquitto
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-6927
Drupal 8.4.x versions prior to 8.4.5 and Drupal 7.x versions prior to 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This fu...
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »