Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
longer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4411
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink att...
Xfs Acl 2.2.47
7.5
CVSSv3
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
5.5
CVSSv3
CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions prior to 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it ca...
Redhat Enterprise Linux 7.0
Opensuse Leap 15.1
NA
CVE-2009-2470
Mozilla Firefox prior to 3.0.12, and 3.5.x prior to 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
Mozilla Firefox 0.8
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 3.0.5
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 2.0 .5
Mozilla Firefox 2.0.0.14
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.3
Mozilla Firefox 2.0.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0 .7
Mozilla Firefox 2.0 .9
Mozilla Firefox 1.4.1
Mozilla Firefox 2.0.0.15
Mozilla Firefox 0.5
Mozilla Firefox 0.6
Mozilla Firefox 1.5.0.11
Mozilla Firefox 2.0.0.7
Mozilla Firefox 1.5.0.8
7.8
CVSSv3
CVE-2019-1162
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elev...
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2012 R2
Microsoft Windows 7 -
Microsoft Windows 10 1903
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows 8.1 -
Microsoft Windows 10 1809
2 Articles
8.6
CVSSv3
CVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote malicious user to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being drop...
Cisco Nx-os 13.2\\(3n\\)
Cisco Nx-os 14.2\\(4i\\)
NA
CVE-2002-0072
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote malicious users to cause a denial of service (crash) when t...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0073
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0074
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to embed scripts into another user's session.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0075
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »