Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

add from server project add from server vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3
CVE-2016-10914
The add-from-server plugin prior to 3.3.2 for WordPress has CSRF for importing a large file.
Add From Server Project Add From Server
9.8
CVSSv3
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project LibexpatDebian Debian Linux 10.0Debian Debian Linux 11.0Oracle Http Server 12.2.1.3.0Oracle Http Server 12.2.1.4.0Oracle Zfs Storage Appliance Kit 8.8Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) prior to 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Libexpat Project LibexpatDebian Debian Linux 10.0Debian Debian Linux 11.0Fedoraproject Fedora 34Fedoraproject Fedora 35Oracle Http Server 12.2.1.3.0Oracle Http Server 12.2.1.4.0Oracle Zfs Storage Appliance Kit 8.8Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2022-25315
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in storeRawNames.
Libexpat Project LibexpatDebian Debian Linux 10.0Debian Debian Linux 11.0Fedoraproject Fedora 34Fedoraproject Fedora 35Oracle Http Server 12.2.1.3.0Oracle Http Server 12.2.1.4.0Oracle Zfs Storage Appliance Kit 8.8Siemens Sinema Remote Connect Server
NA
CVE-2009-3080
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel prior to 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
Linux Linux KernelLinux Linux Kernel 2.6.32Opensuse Opensuse 11.1Opensuse Opensuse 11.2Suse Linux Enterprise Desktop 10Suse Linux Enterprise Server 10Debian Debian Linux 4.0Canonical Ubuntu Linux 9.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.10Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 6.06Vmware Esx 3.5Redhat Enterprise Linux Server 5.0Redhat Enterprise Linux Desktop 5.0Redhat Enterprise Linux Eus 5.4Redhat Virtualization 5.0Redhat Enterprise Linux Server Workstation 5.0Redhat Fedora 10
NA
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0Apache Http ServerOpenssl OpensslGnu GnutlsMozilla NssDebian Debian Linux 5.0Canonical Ubuntu Linux 10.10Fedoraproject Fedora 11Fedoraproject Fedora 13Debian Debian Linux 4.0Debian Debian Linux 8.0Debian Debian Linux 7.0Canonical Ubuntu Linux 9.04Debian Debian Linux 6.0Fedoraproject Fedora 12Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.10Fedoraproject Fedora 14F5 Nginx
NA
CVE-2023-45288
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exce...
6.5
CVSSv3
CVE-2018-14629
A denial of service vulnerability exists in Samba's LDAP server prior to 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Samba SambaCanonical Ubuntu Linux 18.10Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Debian Debian Linux 9.0Debian Debian Linux 8.0
NA
CVE-2002-1367
Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 allows remote malicious users to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the admini...
Easy Software Products Cups 1.1.14Easy Software Products Cups 1.1.17Easy Software Products Cups 1.0.4Easy Software Products Cups 1.0.4 8Easy Software Products Cups 1.1.4 3Easy Software Products Cups 1.1.4 5Easy Software Products Cups 1.1.4Easy Software Products Cups 1.1.4 2Easy Software Products Cups 1.1.1Easy Software Products Cups 1.1.10Easy Software Products Cups 1.1.13Easy Software Products Cups 1.1.6Easy Software Products Cups 1.1.7Apple Mac Os X 10.2Apple Mac Os X 10.2.2
9.8
CVSSv3
CVE-2020-7247
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote malicious users to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncomm...
Openbsd Opensmtpd 6.6Debian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 19.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946CVE-2024-30309CVE-2024-4761CVE-2024-30051type confusionmemory leakCVE-2024-30293reflected XSSCVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook