Vulmon
dino dino vulnerabilities and exploits
5
CVSSv2
CVE-2021-33896
Dino prior to 0.1.2 and 0.2.x prior to 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators.
Dino Dino
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5.4
CVSSv2
CVE-2014-7633
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Tappocket Dino Zoo 1.5
5
CVSSv2
CVE-2019-16235
Dino prior to 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
Dino Dino
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
5
CVSSv2
CVE-2019-16236
Dino prior to 2019-09-10 does not check roster push authorization in module/roster/module.vala.
Dino Dino
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
5
CVSSv2
CVE-2019-16237
Dino prior to 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
Dino Dino
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
5.4
CVSSv2
CVE-2014-6997
The Dino Village (aka com.tappocket.dinovillage) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Itiw-webdev Dino Village 1.6
6.8
CVSSv2
CVE-2008-4075
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote malicious users to read arbitrary files via a .. (dot dot) in the topic parameter.
Dino D-iscussion Board 3.01
1 EDB exploit
NA
CVE-2023-28686
Dino prior to 0.2.3, 0.3.x prior to 0.3.2, and 0.4.x prior to 0.4.2 allows malicious users to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into d...
Dino Dino
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
4.3
CVSSv2
CVE-2017-8866
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote malicious user to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server.
Cognitoys Stemosaur Firmware
4.3
CVSSv2
CVE-2017-8865
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP traffic between a Dino device and remote server to any other Dino device.
Cognitoys Stemosaur Firmware