Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portable runtime vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-28331
On Windows, Apache Portable Runtime 1.7.0 and previous versions may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow.
Apache Portable Runtime
9.8
CVSSv3
CVE-2022-24963
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.
Apache Portable Runtime 1.7.0
8.6
CVSSv3
CVE-2016-1951
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) prior to 4.12 allow remote malicious users to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.
Mozilla Netscape Portable Runtime
7.5
CVSSv3
CVE-2023-37918
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. A vulnerability has been found in Dapr that allows bypassing API token authentication, which is used by the Dapr sidecar to authenticate calls coming from the application, with ...
Linuxfoundation Dapr
7.5
CVSSv3
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t...
Apache Xalan-java
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Jre 17.0.3.1
Oracle Jre 18.0.1.1
Oracle Jre 11.0.15.1
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Oracle Jdk 17.0.3.1
Oracle Jdk 18.0.1.1
Oracle Jdk 11.0.15.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Graalvm 20.3.6
Oracle Graalvm 21.3.2
Oracle Graalvm 22.1.0
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 18
Oracle Openjdk
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories
7.5
CVSSv3
CVE-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerabilit...
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Cloud Insights -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Web Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Santricity Unified Manager -
Netapp Hci Compute Node -
Netapp 7-mode Transition Tool -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp E-series Santricity Os Controller 11.0
Azul Zulu 15.38
Azul Zulu 17.32
Azul Zulu 18.28
24 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas...
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Oracle Jdk 11.0.14
Oracle Jdk 8.0
Oracle Jdk 7.0
Netapp Element Software -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Secure Agent -
Netapp Bootstrap Os -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2009-2699
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library prior to 1.3.9, as used in the Apache HTTP Server prior to 2.2.14 and other products, does not properly handle errors, which allows remote malicious users to cau...
Apache Http Server
Apache Portable Runtime
7.4
CVSSv3
CVE-2023-21930
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Diffi...
Oracle Jre 11.0.18
Oracle Jre 17.0.6
Oracle Jdk 11.0.18
Oracle Graalvm 20.3.9
Oracle Graalvm 21.3.5
Oracle Graalvm 22.3.1
Oracle Jdk 1.8.0
Oracle Jdk 17.0.6
Oracle Jre 1.8.0
Oracle Jre 20
Oracle Jdk 20
Netapp Oncommand Insight -
Netapp 7-mode Transition Tool -
Netapp Brocade San Navigator -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Oracle Openjdk 8
Oracle Openjdk 20
Oracle Openjdk
7.1
CVSSv3
CVE-2021-35940
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to t...
Apache Portable Runtime 1.7.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »