Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

buildbot buildbot vulnerabilities and exploits

(subscribe to this query)
383
VMScore
CVE-2009-2967
Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 up to and including 0.7.11p2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.
Buildbot Buildbot 0.7.11Buildbot Buildbot 0.7.10p1Buildbot Buildbot 0.7.6Buildbot Buildbot 0.7.10Buildbot Buildbot 0.7.11p2Buildbot Buildbot 0.7.11p1Buildbot Buildbot 0.7.7Buildbot Buildbot 0.7.8Buildbot Buildbot 0.7.9
383
VMScore
CVE-2009-2959
Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 up to and including 0.7.11p1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Buildbot Buildbot 0.7.11p1Buildbot Buildbot 0.7.10p1Buildbot Buildbot 0.7.8Buildbot Buildbot 0.7.10Buildbot Buildbot 0.7.6Buildbot Buildbot 0.7.7Buildbot Buildbot 0.7.9Buildbot Buildbot 0.7.11
516
VMScore
CVE-2019-7313
www/resource.py in Buildbot prior to 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
Buildbot Buildbot
445
VMScore
CVE-2019-12300
Buildbot prior to 1.8.2 and 2.x prior to 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim.
Buildbot Buildbot
505
VMScore
CVE-2009-3242
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote malicious users to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion fa...
Wireshark Wireshark 1.2.0Wireshark Wireshark 1.2.1
435
VMScore
CVE-2011-1143
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark prior to 1.4.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
Wireshark Wireshark 0.99.3Wireshark Wireshark 0.99.4Wireshark Wireshark 1.0.10Wireshark Wireshark 1.2.13Wireshark Wireshark 1.0.8Wireshark Wireshark 1.2.3Wireshark Wireshark 1.4.2Wireshark Wireshark 1.2.7Wireshark Wireshark 1.0.2Wireshark Wireshark 1.0.3Wireshark Wireshark 1.0.4Wireshark WiresharkWireshark Wireshark 0.99.5Wireshark Wireshark 0.99.6Wireshark Wireshark 1.2.5Wireshark Wireshark 1.2.1Wireshark Wireshark 1.2.0Wireshark Wireshark 1.2.4Wireshark Wireshark 1.4.1Wireshark Wireshark 1.2.12Wireshark Wireshark 1.2.6Wireshark Wireshark 1.0.15
785
VMScore
CVE-2009-3241
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 up to and including 1.0.8 and 1.2.0 up to and including 1.2.1 allows remote malicious users to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
Wireshark Wireshark 0.99.7Wireshark Wireshark 1.0Wireshark Wireshark 1.2Wireshark Wireshark 1.2.1Wireshark Wireshark 1.0.4Wireshark Wireshark 1.0.3Wireshark Wireshark 1.0.6Wireshark Wireshark 0.99.9Wireshark Wireshark 1.2.0Wireshark Wireshark 1.0.0Wireshark Wireshark 1.0.1Wireshark Wireshark 1.0.2Wireshark Wireshark 1.0.5Wireshark Wireshark 0.99.8Wireshark Wireshark 1.0.7Wireshark Wireshark 1.0.8Wireshark Wireshark 0.99.6Wireshark Wireshark 0.99.6a
505
VMScore
CVE-2009-3243
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote malicious users to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
Wireshark Wireshark 1.2.0Wireshark Wireshark 1.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook