darwin vulnerabilities and exploits
6.8
CVSSv2
CVE-2008-1146
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 up to and including 4.2, allows remote malicious users to guess sensitive values such as DNS transaction IDs by observing a sequenc...
Darwin Darwin 9.1
Navision Financials Server 3.0
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
6.8
CVSSv2
CVE-2008-1147
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 up to and including 3.4, Mac OS X 10 up to and including 10.5.1, FreeBSD 4.4 up to and including 7.0, and DragonFlyBSD 1.0 up to an...
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
Darwin Darwin 9.1
Navision Financials Server 3.0
6.8
CVSSv2
CVE-2008-1148
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 up to and including 4.2 and NetBSD 1.6.2 up to and including 4.0, allows remote malicious users to guess sensitive values such as (1) ...
Cosmicperl Directory Pro 10.0.3
Navision Financials Server 3.0
Darwin Darwin 1.0
Darwin Darwin 9.1
10
CVSSv2
CVE-2007-0748
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server prior to 5.5.5, allows remote malicious users to execute arbitrary code via multiple trackID values in a SETUP RTSP request.
Apple Darwin Streaming Server 4.1.2
Apple Darwin Streaming Server 5.0.1
Apple Darwin Streaming Server 5.5.4
Apple Darwin Streaming Server 4.1.3
10
CVSSv2
CVE-2007-0749
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server prior to 5.5.5, allow remote malicious users to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.
Apple Darwin Streaming Server 4.1.2
Apple Darwin Streaming Server 5.0.1
Apple Darwin Streaming Server 5.5.4
Apple Darwin Streaming Server 4.1.3
4.3
CVSSv2
CVE-2021-25982
In Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session co...
Darwin Factor
4.3
CVSSv2
CVE-2021-25983
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.8 to v1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “tags” and “category” parameters in the URL. An unauthenticated attacker can execute malicious JavaScript c...
Darwin Factor
4.3
CVSSv2
CVE-2021-25984
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.3 to v1.8.30, are vulnerable to stored Cross-Site Scripting (XSS) at the “post reply” section. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies.
Darwin Factor
7.5
CVSSv2
CVE-2021-25985
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration t...
Darwin Factor
5
CVSSv2
CVE-2005-2195
Apple Darwin Streaming Server 5.5 and previous versions allows remote malicious users to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability t...
Apple Darwin Streaming Server