Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security secret server vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-25681
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buff...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
7.4
CVSSv3
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages exists in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker woul...
Gnu Gnutls 3.6.8-11.el8 2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Converged Systems Advisor Agent -
5.9
CVSSv3
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocat...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
5.9
CVSSv3
CVE-2020-25687
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
8.1
CVSSv3
CVE-2020-25682
A flaw was found in dnsmasq prior to 2.83. A buffer overflow vulnerability exists in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
5.9
CVSSv3
CVE-2017-17428
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote malicious users to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Cavium Octeon Sdk
Cavium Nitrox V Ssl Sdk
Cavium Nitrox Ssl Sdk
Cavium Octeon Ssl Sdk
Cavium Turbossl Sdk
Cisco Webex Meetings T31
Cisco Webex Conect Im 7.24.1
Cisco Webex Meetings T32
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Adaptive Security Appliance 5520 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5540 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5550 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5510 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5505 Firmware 9.1\\(7.16\\)
NA
CVE-2004-0643
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and previous versions may allow local users to execute arbitrary code.
Mit Kerberos 5
Debian Debian Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Workstation 3.0
6.4
CVSSv3
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Intel Core I3 6006u
Intel Core I3 6098p
Intel Core I3 6102e
Intel Core I3 6157u
Intel Core I5 661
Intel Core I5 670
Intel Core I5 6300u
Intel Core I5 6350hq
Intel Core I5 6442eq
Intel Core I5 6500
Intel Core I5 6500t
Intel Core I7 610e
Intel Core I7 620le
Intel Core I7 640um
Intel Core I7 660lm
Intel Core I3 6100h
Intel Core I3 6100t
Intel Core I3 6320
Intel Core I5 650
Intel Core I3 6100te
Intel Core I3 6100u
Intel Core I5 655k
2 Articles
7.5
CVSSv3
CVE-2023-40171
Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the `Dispatch Plugin - Basic Authentication Provider` plugin encounters an error when attempting to decode a JWT token. ...
Netflix Dispatch
NA
CVE-2004-0642
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and previous versions may allow remote malicious users to execute arbitrary code.
Mit Kerberos 5
Debian Debian Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »