Vulmon
dhiraj mishra vulnerabilities and exploits
7.8
CVSSv3
CVE-2019-3500
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
Aria2 Project Aria2 1.33.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
6.5
CVSSv3
CVE-2017-15084
The web UI in Rapid7 Metasploit prior to 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
Rapid7 Metasploit
1 EDB exploit
5.5
CVSSv3
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local malicious user to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
Supra Stv-lc40lt0020f Firmware -
1 EDB exploit
2 Articles
6.5
CVSSv3
CVE-2017-1130
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes, which would cause the client to hang and have to be restarted. IBM X-Force ID: 121371.
Ibm Inotes 8.5.3.0
Ibm Inotes 8.5.3.1
Ibm Inotes 8.5.3.6
Ibm Inotes 9.0.0.0
Ibm Inotes 8.5.1.5
Ibm Inotes 8.5.2.1
Ibm Inotes 9.0.1.1
Ibm Inotes 8.5.0.0
Ibm Inotes 8.5.1.0
Ibm Inotes 8.5.1.1
Ibm Inotes 8.5.2.0
Ibm Inotes 8.5.2.4
Ibm Inotes 9.0.1.0
Ibm Inotes 9.0.1.8
1 EDB exploit
8.8
CVSSv3
CVE-2019-6498
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
Labapart Gattlib 0.2
1 EDB exploit
7.8
CVSSv3
CVE-2019-10038
Evernote 7.9 on macOS allows malicious users to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
Evernote Evernote 7.9
1 EDB exploit
6.5
CVSSv3
CVE-2017-1129
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
Ibm Inotes 8.5.2.1
Ibm Inotes 8.5.2.4
Ibm Inotes 8.5.3.0
Ibm Inotes 8.5.3.1
Ibm Inotes 8.5.1.1
Ibm Inotes 8.5.2.0
Ibm Inotes 8.5.3.6
Ibm Inotes 9.0.1.0
Ibm Inotes 9.0.1.8
Ibm Inotes 8.5.0.0
Ibm Inotes 8.5.1.0
Ibm Inotes 8.5.1.5
Ibm Inotes 9.0.0.0
Ibm Inotes 9.0.1.1
Ibm Expeditor 6.2.1
Ibm Expeditor 6.2.3
Ibm Expeditor 6.2.2
2 EDB exploits
7.5
CVSSv3
CVE-2018-16307
An "Out-of-band resource load" issue exists on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a ...
Mi Xiaomi Miwifi Xiaomi 55dd Firmware 2.8.50
7.8
CVSSv3
CVE-2019-12137
Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.
Typora Typora 0.9.9.24.6
4.3
CVSSv3
CVE-2018-6849
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
Duckduckgo Duckduckgo 4.2.0
1 EDB exploit