Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maxe vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2114
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in SkyBlueCanvas 1.1 r237 allow remote malicious users to inject arbitrary web script or HTML via the (1) mgroup, (2) mgr, (3) objtype, (4) id, and (5) dir parameters.
Skybluecanvas Skybluecanvas 1.1
1 EDB exploit
NA
CVE-2009-2116
Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter.
Skybluecanvas Skybluecanvas 1.1
1 EDB exploit
NA
CVE-2009-4450
Multiple cross-site scripting (XSS) vulnerabilities in map.php in LiveZilla 3.1.8.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) lat, (2) lng, and (3) zom parameters, which are not properly handled when processed with templates/map.tpl.
Livezilla Livezilla 3.1.8.3
1 EDB exploit
7.5
CVSSv3
CVE-2017-0375
The hidden-service feature in Tor prior to 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Torproject Tor
3.7
CVSSv3
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 prior to 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote malicious users to discover a private DH exponent by making multiple ha...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
5.1
CVSSv3
CVE-2016-0702
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a c...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
1 Github repository
8.2
CVSSv3
CVE-2016-2176
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL prior to 1.0.1t and 1.0.2 prior to 1.0.2h allows remote malicious users to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl
Openssl Openssl 1.0.2f
Openssl Openssl 1.0.2d
1 Article
7.5
CVSSv3
CVE-2016-0797
Multiple integer overflows in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g allow remote malicious users to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandle...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
7.5
CVSSv3
CVE-2016-0798
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g allows remote malicious users to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c ...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
9.8
CVSSv3
CVE-2016-0799
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g improperly calculates string lengths, which allows remote malicious users to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impac...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »