Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 28 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2019-7443
KDE KAuth prior to 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth uninten...
Kde Kauth
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports -
Fedoraproject Fedora 28
Fedoraproject Fedora 29
6.8
CVSSv2
CVE-2018-20004
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...
Mini-xml Project Mini-xml 2.12
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
5.8
CVSSv2
CVE-2018-19790
An open redirect exists in Symfony 2.7.x prior to 2.7.50, 2.8.x prior to 2.8.49, 3.x prior to 3.4.20, 4.0.x prior to 4.0.15, 4.1.x prior to 4.1.9 and 4.2.x prior to 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redi...
Sensiolabs Symfony
Fedoraproject Fedora 28
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2019-11831
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x prior to 2.1.1 and 3.x prior to 3.1.1 for TYPO3 does not prevent directory traversal, which allows malicious users to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar...
Typo3 Pharstreamwrapper
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Drupal Drupal
Joomla Joomla\\!
5.5
CVSSv2
CVE-2018-14348
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
Libcgroup Project Libcgroup
Debian Debian Linux 8.0
Fedoraproject Fedora 28
5.5
CVSSv2
CVE-2019-3880
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba sh...
Samba Samba
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.0
Redhat Gluster Storage 3.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 42.3
6.8
CVSSv2
CVE-2019-5429
Untrusted search path in FileZilla prior to 3.41.0-rc1 allows an malicious user to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
Filezilla-project Filezilla Client
Debian Debian Linux 9.0
Fedoraproject Fedora 28
5
CVSSv2
CVE-2019-6975
Django 1.11.x prior to 1.11.19, 2.0.x prior to 2.0.11, and 2.1.x prior to 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
Fedoraproject Fedora 29
3 Github repositories
4.3
CVSSv2
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
Digitalcorpora Tcpflow 1.5.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
4.3
CVSSv2
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote malicious users to cause a denial of service (application crash) via a crafted file.
Graphviz Graphviz 2.40.1
Fedoraproject Fedora 27
Fedoraproject Fedora 28
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »