Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
news system project news system vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-3845
Mozilla Firefox prior to 2.0.0.6, Thunderbird prior to 1.5.0.13 and 2.x prior to 2.0.0.6, and SeaMonkey prior to 1.1.4 allow remote malicious users to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extensio...
Mozilla Firefox 2.0.0.5
Mozilla Seamonkey 1.1.3
Mozilla Thunderbird 2.0.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 12.1
Citrix Application Delivery Controller Firmware 13.0
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 12.0
Citrix Netscaler Gateway Firmware 12.1
Citrix Gateway Firmware 13.0
2 Metasploit modules
64 Github repositories
21 Articles
7.5
CVSSv2
CVE-2017-7581
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
News System Project News System
7.5
CVSSv2
CVE-2008-0304
Heap-based buffer overflow in Mozilla Thunderbird prior to 2.0.0.12 and SeaMonkey prior to 1.1.8 might allow remote malicious users to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message previ...
Mozilla Seamonkey
Mozilla Thunderbird
7.5
CVSSv2
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2003-0205
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
Gkrellm Newsticker Gkrellm Newsticker 0.3
5
CVSSv2
CVE-2003-0206
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
Gkrellm Newsticker Gkrellm Newsticker 0.3
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
4.3
CVSSv2
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -
Microsoft Internet Explorer -
Microsoft Windows -
Google Chrome -
Mozilla Firefox -
Siemens Simatic Rf68xr Firmware
Siemens Simatic Rf615r Firmware
Haxx Curl
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
2 Github repositories
1 Article
NA
CVE-2023-1796
A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=save_position of the component Create News Handler. The manipulation of the argument name with the input &l...
Employee Payslip Generator System Project Employee Payslip Generator System 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started