Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rick verdoes vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2019-18345
A reflected XSS issue exists in DAViCal up to and including 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If th...
Davical Davical
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2019-18346
A CSRF issue exists in DAViCal up to and including 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example ...
Davical Davical
5.4
CVSSv3
CVE-2019-18347
A stored XSS issue exists in DAViCal up to and including 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another (possibly privileged) user. Affected ...
Davical Davical
7.2
CVSSv3
CVE-2023-28130
Local user may lead to privilege escalation using Gaia Portal hostnames page.
Checkpoint Gaia Portal R81.20
Checkpoint Gaia Portal R81.10
Checkpoint Gaia Portal R81
Checkpoint Gaia Portal R80.40
5.4
CVSSv3
CVE-2022-31064
BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross site scripting attack in affected versions. The attack occurs when the attacker (with xss in the name) starts a chat. in the victim's client the Jav...
Bigbluebutton Bigbluebutton 2.5
Bigbluebutton Bigbluebutton
Bigbluebutton Bigbluebutton 2.3.0
Bigbluebutton Bigbluebutton 2.4.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started