VYPR

linux

by Debian

CVEs (3,015)

  • CVE-2017-5038 | Medium | Apr 24, 2017
    risk 0.41 | cvss 6.3 | epss 0.01

    Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.

  • CVE-2016-9955 | Medium | Feb 17, 2017
    risk 0.41 | cvss 6.3 | epss 0.01

    The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.

  • CVE-2017-3291 | Medium | Jan 27, 2017
    risk 0.41 | cvss 6.3 | epss 0.00

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to…

  • CVE-2016-5728 | Medium | Jun 27, 2016
    risk 0.41 | cvss 6.3 | epss 0.00

    Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by…

  • CVE-2015-8474 | High | Apr 12, 2016
    risk 0.41 | cvss 7.4 | epss 0.02

    Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller.rb in Redmine before 2.6.7, 3.0.x before 3.0.5, and 3.1.x before 3.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted…

  • CVE-2016-1628 | Medium | Feb 21, 2016
    risk 0.41 | cvss 6.3 | epss 0.02

    pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document,…

  • CVE-2024-35899 | Medium | May 19, 2024
    risk 0.40 | cvss 6.1 | epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush pending destroy work before netlink notifier") to address a race between exit_net…

  • CVE-2017-8811 | Medium | Nov 15, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.

  • CVE-2017-8808 | Medium | Nov 15, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends non-standard URL escaping.

  • CVE-2017-10356 | Medium | Oct 19, 2017
    risk 0.40 | cvss 6.2 | epss 0.01

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows…

  • CVE-2017-15574 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment.

  • CVE-2017-15573 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because markup is mishandled in wiki content.

  • CVE-2017-15571 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.

  • CVE-2017-15570 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/_list.html.erb via crafted column data.

  • CVE-2017-15569 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list.

  • CVE-2017-15568 | Medium | Oct 18, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/application_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of issue history.

  • CVE-2015-2750 | Medium | Sep 13, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.

  • CVE-2016-10510 | Medium | Aug 31, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php.

  • CVE-2017-11107 | Medium | Jul 8, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter.

  • CVE-2017-4967 | Medium | Jun 13, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in…
