Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 19 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-1695
A flaw was found in all resteasy 3.x.x versions before 3.12.0.Final and all resteasy 4.x.x versions before 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection,...
Redhat Resteasy
Fedoraproject Fedora 32
Fedoraproject Fedora 33
1 Github repository
7.5
CVSSv2
CVE-2014-8089
SQL injection vulnerability in Zend Framework prior to 1.12.9, 2.2.x prior to 2.2.8, and 2.3.x prior to 2.3.3, when using the sqlsrv PHP extension, allows remote malicious users to execute arbitrary SQL commands via a null byte.
Zend Zend Framework
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
5
CVSSv2
CVE-2013-4572
The CentralNotice extension for MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote malicious users to authenticate as the created user.
Mediawiki Mediawiki
Fedoraproject Fedora 18
Fedoraproject Fedora 19
5
CVSSv2
CVE-2010-5304
A NULL pointer dereference flaw was found in the way LibVNCServer prior to 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Libvncserver Project Libvncserver
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
6.4
CVSSv2
CVE-2019-20444
HttpObjectDecoder.java in Netty prior to 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Canonical Ubuntu Linux 18.04
Redhat Jboss Amq Clients 2
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
6.4
CVSSv2
CVE-2019-20445
HttpObjectDecoder.java in Netty prior to 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Canonical Ubuntu Linux 18.04
Redhat Jboss Amq Clients 2
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Apache Spark 2.4.7
Apache Spark 2.4.8
4.3
CVSSv2
CVE-2013-0294
packet.py in pyrad prior to 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote malicious users to obtain sensitive information via a brute force attack.
Pyrad Project Pyrad
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
7.5
CVSSv2
CVE-2013-1437
Eval injection vulnerability in the Module-Metadata module prior to 1.000015 for Perl allows remote malicious users to execute arbitrary Perl code via the $Version value.
Module-metadata Project Module-metadata
Fedoraproject Fedora 18
Fedoraproject Fedora 19
5
CVSSv2
CVE-2014-2581
Smb4K prior to 1.1.1 allows remote malicious users to obtain credentials via vectors related to the cuid option in the "Additional options" line edit.
Smb4k Project Smb4k
Fedoraproject Fedora 19
Fedoraproject Fedora 20
5
CVSSv2
CVE-2020-7238
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.
Netty Netty 4.1.43
Fedoraproject Fedora 33
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform Text-only Advisories -
Redhat Jboss Enterprise Application Platform 7.3
Redhat Openshift Application Runtimes Text-only Advisories -
Redhat Jboss Enterprise Application Platform 7.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »