Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle linux 6 vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2016-3587
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to Hotspot.
Oracle Linux 6
Oracle Linux 7
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
9.1
CVSSv3
CVE-2020-7059
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or cr...
Php Php
Tenable Tenable.sc
Oracle Communications Diameter Signaling Router
Opensuse Leap 15.1
Debian Debian Linux 8.0
9.1
CVSSv3
CVE-2020-7060
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to ...
Php Php
Tenable Tenable.sc
Oracle Communications Diameter Signaling Router
Opensuse Leap 15.1
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2020-10672
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2020-10673
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
1 Github repository
8.8
CVSSv3
CVE-2020-10531
An issue exists in International Components for Unicode (ICU) for C/C++ up to and including 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Icu-project International Components For Unicode
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Nodejs Node.js
8.8
CVSSv3
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
Debian Debian Linux 8.0
Hp Helion Openstack 2.0.0
Hp Helion Openstack 2.1.0
Hp Helion Openstack 2.1.2
Hp Helion Openstack 2.1.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Qemu Qemu
Qemu Qemu 2.6.0
Oracle Vm Server 3.2
Oracle Vm Server 3.3
Oracle Vm Server 3.4
Oracle Linux 5
Oracle Linux 6
Oracle Linux 7
Citrix Xenserver
Redhat Openstack 5.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
8.8
CVSSv3
CVE-2016-2794
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to cause a denial of service (buffer over-read) or possibly have unspecified other...
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0
Sil Graphite2
Suse Linux Enterprise 12.0
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Oracle Linux 6
Oracle Linux 7
Oracle Linux 5.0
8.8
CVSSv3
CVE-2016-2795
The graphite2::FileFace::get_table_fn function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, does not initialize memory for an unspecified data structure, which allows remote malicious users to cause a denial of service...
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Suse Linux Enterprise 12.0
Opensuse Opensuse 13.1
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Sil Graphite2
8.8
CVSSv3
CVE-2016-2796
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 prior to 1.3.6, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to cause a denial of service or possibly have unspecified other i...
Sil Graphite2
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Suse Linux Enterprise 12.0
Opensuse Opensuse 13.1
Oracle Linux 7
Oracle Linux 6
Oracle Linux 5.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »