Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-14483
AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux, MacOS and Solaris private keys, private keys' passwords, and root passwords stored in the credential manager. Every administrator can read the ESX and Windows passwords stored in t...
Adremsoft Netcrunch
NA
CVE-2009-4334
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writing to this file.
Ibm Db2 9.5
Ibm Db2 9.7
Ibm Db2 9.1
NA
CVE-2009-4336
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and previous versions for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Simon Rundell Pd Calendar Today 0.0.3
Simon Rundell Pd Calendar Today
NA
CVE-2009-4339
SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unknown vectors.
Stephan Vits Mf Subscription 0.2.2
9.8
CVSSv3
CVE-2019-14495
webadmin.c in 3proxy prior to 0.8.13 has an out-of-bounds write in the admin interface.
3proxy 3proxy
NA
CVE-2009-4344
Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tobias Sommer Zid Linklist 1.0.0
NA
CVE-2019-14501
Rejected reason: Unused CVE for 2019
NA
CVE-2009-4353
The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 and previous versions, and possibly other versions prior to 2003.0139.0911, does not remove the session ID in a Referer URL, which allows remote malicious users to hijack web sessions via vectors such as an em...
Transware Active\\! Mail
NA
CVE-2009-4356
Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp prior to 5.57 allow remote malicious users to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file.
Nullsoft Winamp 5.541
Nullsoft Winamp 5.5
Nullsoft Winamp 5.09
Nullsoft Winamp 5.08e
Nullsoft Winamp 5.03
Nullsoft Winamp 5.02
Nullsoft Winamp 3.0
Nullsoft Winamp 2.90
Nullsoft Winamp 2.78
Nullsoft Winamp 5.552
Nullsoft Winamp 5.53
Nullsoft Winamp 5.07
Nullsoft Winamp 5.06
Nullsoft Winamp 5.0.2
Nullsoft Winamp 5.0.1
Nullsoft Winamp 5.0
Nullsoft Winamp 2.81
Nullsoft Winamp 2.79
Nullsoft Winamp 2.74
Nullsoft Winamp 2.71
Nullsoft Winamp 2.60
Nullsoft Winamp 2.5e
NA
CVE-2009-4358
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade...
Freebsd Freebsd 8.0
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »