Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deeply project deeply vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-10750
deeply is vulnerable to Prototype Pollution in versions prior to 3.1.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using using a _proto_ payload.
Deeply Project Deeply
NA
CVE-2022-45873
systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it...
Systemd Project Systemd
Systemd Project Systemd 252
Fedoraproject Fedora 36
5
CVSSv2
CVE-2014-10064
The qs module prior to 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. An attacker could leverage this to cause a temporary denial-of-service con...
Qs Project Qs
NA
CVE-2023-34624
An issue exists htmlcleaner thru = 2.28 allows malicious users to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Htmlcleaner Project Htmlcleaner
6.8
CVSSv2
CVE-2011-3630
Hardlink prior to 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, lead...
Hardlink Project Hardlink
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
6.4
CVSSv2
CVE-2022-1996
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Go-restful Project Go-restful
Fedoraproject Fedora 35
Fedoraproject Fedora 36
1 Github repository
5
CVSSv2
CVE-2006-6406
Clam AntiVirus (ClamAV) 0.88.6 allows remote malicious users to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
Clam Anti-virus Clamav 0.88.6
7.6
CVSSv2
CVE-2006-4253
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the b...
Mozilla Firefox 0.8
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.3
Netscape Navigator 8.1
Mozilla Firefox 1.0.2
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
K-meleon Project K-meleon 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9.2
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.1
Mozilla Firefox 0.10
1 EDB exploit
5
CVSSv2
CVE-2006-6481
Clam AntiVirus (ClamAV) 0.88.6 allows remote malicious users to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.
Clam Anti-virus Clamav 0.88.6
NA
CVE-2022-1962
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an malicious user to cause a panic due to stack exhaustion via deeply nested types or declarations.
Golang Go
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »