Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flag content vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-1568
The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook prior to 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote malicious users to obtain cleartext contents of e-mail messages that were intended to be enc...
Cisco Ironport Desktop Flag Plugin For Outlook 6.2.4.3
Cisco Ironport Desktop Flag Plugin For Outlook
5
CVSSv2
CVE-2013-4724
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive informatio...
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
5
CVSSv2
CVE-2013-4725
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmis...
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
5
CVSSv2
CVE-2021-34697
A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorr...
Cisco Ios Xe
4.3
CVSSv2
CVE-2016-6422
Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote malicious users to bypass intended access restrictions by sending packets that should have been recog...
Cisco Ios 12.2\\(33\\)sxj9
6.8
CVSSv2
CVE-2019-6215
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Safari
Apple Icloud
Apple Itunes
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
4.3
CVSSv2
CVE-2009-5096
Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x prior to 5.x-2.10 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the Reason parameter.
Khalid Baheyeldin Flag Content 5.x-2.5
Khalid Baheyeldin Flag Content 5.x-2.6
Khalid Baheyeldin Flag Content 5.x-2.7
Khalid Baheyeldin Flag Content 5.x-2.8
Khalid Baheyeldin Flag Content 5.x-2.2
Khalid Baheyeldin Flag Content 5.x-2.4
Khalid Baheyeldin Flag Content 5.x-2.0
Khalid Baheyeldin Flag Content 5.x-2.1
Khalid Baheyeldin Flag Content 5.x-2.9
Khalid Baheyeldin Flag Content 5.x-2.x-dev
4.3
CVSSv2
CVE-2020-15653
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
NA
CVE-2023-44123
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access ...
Google Android 12.0
Google Android 13.0
NA
CVE-2023-44125
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had acc...
Google Android 12.0
Google Android 13.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »