Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

news system project news system vulnerabilities and exploits

(subscribe to this query)
9.3
CVSSv2
CVE-2007-3845
Mozilla Firefox prior to 2.0.0.6, Thunderbird prior to 1.5.0.13 and 2.x prior to 2.0.0.6, and SeaMonkey prior to 1.1.4 allow remote malicious users to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extensio...
Mozilla Firefox 2.0.0.5Mozilla Seamonkey 1.1.3Mozilla Thunderbird 2.0.0.5
7.5
CVSSv2
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5Citrix Application Delivery Controller Firmware 11.1Citrix Application Delivery Controller Firmware 12.0Citrix Application Delivery Controller Firmware 12.1Citrix Application Delivery Controller Firmware 13.0Citrix Netscaler Gateway Firmware 10.5Citrix Netscaler Gateway Firmware 11.1Citrix Netscaler Gateway Firmware 12.0Citrix Netscaler Gateway Firmware 12.1Citrix Gateway Firmware 13.0
7.5
CVSSv2
CVE-2017-7581
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
News System Project News System
7.5
CVSSv2
CVE-2008-0304
Heap-based buffer overflow in Mozilla Thunderbird prior to 2.0.0.12 and SeaMonkey prior to 1.1.8 might allow remote malicious users to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message previ...
Mozilla SeamonkeyMozilla Thunderbird
7.5
CVSSv2
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island LynxDebian Debian Linux 3.1Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2003-0205
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
Gkrellm Newsticker Gkrellm Newsticker 0.3
5
CVSSv2
CVE-2003-0206
gkrellm-newsticker gkrellm plugin prior to 0.3-3.1 allows remote malicious users to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
Gkrellm Newsticker Gkrellm Newsticker 0.3
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Tenable Tenable.scTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineFedoraproject Fedora 34
4.3
CVSSv2
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -Microsoft Internet Explorer -Microsoft Windows -Google Chrome -Mozilla Firefox -Siemens Simatic Rf68xr FirmwareSiemens Simatic Rf615r FirmwareHaxx CurlRedhat Enterprise Linux Server 5.0Redhat Enterprise Linux Server Aus 6.2Redhat Enterprise Linux Workstation 5.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Desktop 5.0Redhat Enterprise Linux Eus 6.2Debian Debian Linux 5.0Debian Debian Linux 6.0Canonical Ubuntu Linux 10.10Canonical Ubuntu Linux 11.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 10.04
NA
CVE-2023-1796
A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=save_position of the component Create News Handler. The manipulation of the argument name with the input &l...
Employee Payslip Generator System Project Employee Payslip Generator System 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewallCVE-2024-35649stored XSSCVE-2022-28654CVE-2020-35153CVE-2024-27348CVE-2022-28652local usersCVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook