Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
three project three vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-28496
This affects the package three prior to 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require('three') function build_blank (n) { var ret = "rgb(" for (var i = 0; i < n; i++) { ret += " " } return ret + ""; }...
Three Project Three
1 Github repository
NA
CVE-2012-1147
readfilemap.c in expat prior to 2.1.0 allows context-dependent malicious users to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
Apple Mac Os X 10.11.0
Apple Mac Os X 10.11.1
Libexpat Project Libexpat 1.95.1
Libexpat Project Libexpat 1.95.2
Libexpat Project Libexpat 1.95.4
Libexpat Project Libexpat 1.95.5
Libexpat Project Libexpat 1.95.6
Libexpat Project Libexpat 1.95.7
Libexpat Project Libexpat 1.95.8
Libexpat Project Libexpat 2.0.0
Libexpat Project Libexpat
NA
CVE-2012-1148
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat prior to 2.1.0 allows context-dependent malicious users to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expandi...
Libexpat Project Libexpat 1.95.1
Libexpat Project Libexpat 1.95.2
Libexpat Project Libexpat 1.95.4
Libexpat Project Libexpat 1.95.5
Libexpat Project Libexpat 1.95.6
Libexpat Project Libexpat 1.95.7
Libexpat Project Libexpat 1.95.8
Libexpat Project Libexpat 2.0.0
Libexpat Project Libexpat
Apple Mac Os X
NA
CVE-2012-5557
The User Read-Only module 6.x-1.x prior to 6.x-1.4 and 7.x-1.x prior to 7.x-1.4 for Drupal, does not properly assign roles when there are more than three roles on the site and certain unspecified configurations, which might allow remote authenticated users to gain privileges by p...
User Read-only Project User Readonly 6.x-1.0
User Read-only Project User Readonly 6.x-1.1
User Read-only Project User Readonly 6.x-1.2
User Read-only Project User Readonly 6.x-1.3
User Read-only Project User Readonly 6.x-1.x
User Read-only Project User Readonly 7.x-1.0
User Read-only Project User Readonly 7.x-1.1
User Read-only Project User Readonly 7.x-1.2
User Read-only Project User Readonly 7.x-1.3
User Read-only Project User Readonly 7.x-1.x
7.5
CVSSv3
CVE-2018-17145
Bitcoin Core 0.16.x prior to 0.16.2 and Bitcoin Knots 0.16.x prior to 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin C...
Btcd Project Btcd 0.7.0
Btcd Project Btcd 0.6.0
Btcd Project Btcd 0.5.0
Btcd Project Btcd 0.4.0
Btcd Project Btcd 0.3.3
Btcd Project Btcd 0.3.2
Btcd Project Btcd 0.3.1
Btcd Project Btcd 0.3.0
Btcd Project Btcd 0.13.0
Btcd Project Btcd 0.20.0
Btcd Project Btcd 0.12.0
Btcd Project Btcd 0.11.1
Btcd Project Btcd 0.11.0
Btcd Project Btcd 0.10.0
Btcd Project Btcd 0.9.0
Btcd Project Btcd 0.8.0
Btcd Project Btcd 0.20.1
Bcoin Bcoin
Namecoin Namecoin Core
Litecoin Litecoin
Bitcoinknots Bitcoin Knots
Bitcoin Bitcoin Core
8.2
CVSSv3
CVE-2015-8397
The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) prior to 2.6.2 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded...
Grassroots Dicom Project Grassroots Dicom
NA
CVE-2001-0318
Format string vulnerability in ProFTPD 1.2.0rc2 may allow malicious users to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
Proftpd Project Proftpd 1.2.0 Rc2
5.3
CVSSv3
CVE-2022-36083
JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named ...
Jose Project Jose
NA
CVE-2012-5958
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) prior to 1.6.18 allows remote malicious users to execute arbitrary code via a UDP p...
Libupnp Project Libupnp 1.6.1
Libupnp Project Libupnp 1.4.4
Libupnp Project Libupnp 1.6.6
Libupnp Project Libupnp 1.6.12
Libupnp Project Libupnp 1.6.16
Libupnp Project Libupnp 1.4.7
Libupnp Project Libupnp 1.6.5
Libupnp Project Libupnp 1.6.9
Libupnp Project Libupnp 1.6.14
Libupnp Project Libupnp 1.4.5
Libupnp Project Libupnp 1.6.4
Libupnp Project Libupnp 1.6.10
Libupnp Project Libupnp 1.6.8
Libupnp Project Libupnp 1.6.7
Libupnp Project Libupnp 1.4.1
Libupnp Project Libupnp 1.6.13
Libupnp Project Libupnp 1.6.15
Libupnp Project Libupnp 1.6.2
Libupnp Project Libupnp 1.4.2
Libupnp Project Libupnp
Libupnp Project Libupnp 1.6.11
Libupnp Project Libupnp 1.6.3
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2018-19027
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Omron Cx-protocol
Omron Cx-one
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »