Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
noam rathaus vulnerabilities and exploits
(subscribe to this query)
544
VMScore
CVE-2018-14734
drivers/infiniband/core/ucma.c in the Linux kernel up to and including 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows malicious users to cause a denial of service (use-after-free).
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
632
VMScore
CVE-2018-10938
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A cer...
Linux Linux Kernel 4.0
Linux Linux Kernel 4.1
Linux Linux Kernel 4.2
Linux Linux Kernel 4.4
Linux Linux Kernel 4.6
Linux Linux Kernel 4.8
Linux Linux Kernel 4.10
Linux Linux Kernel 4.12
Linux Linux Kernel 4.3
Linux Linux Kernel 4.5
Linux Linux Kernel 4.7
Linux Linux Kernel 4.9
Linux Linux Kernel 4.11
Linux Linux Kernel 4.13
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
321
VMScore
CVE-2018-16658
An issue exists in the Linux kernel prior to 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local malicious users to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to ...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
440
VMScore
CVE-2006-4343
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
2 EDB exploits
1000
VMScore
CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
1 EDB exploit
435
VMScore
CVE-2004-1939
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote malicious users to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.
Rhinosoft Zaep Antispam 2.0
Rhinosoft Zaep Antispam 2.0 .0.1
1 EDB exploit
755
VMScore
CVE-2004-2263
SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and previous versions allows remote malicious users to modify SQL statements via the vc2 cookie.
Playsms Playsms 0.6
Playsms Playsms 0.7
1 EDB exploit
755
VMScore
CVE-2002-1179
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote malicious users to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the mes...
Microsoft Outlook Express 6.0
Microsoft Outlook Express 5.5
1 EDB exploit
755
VMScore
CVE-2004-2737
SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk 1.01 allows remote malicious users to execute arbitrary SQL commands via the where parameter.
Netsupport Dna Helpdesk 1.01
1 EDB exploit
505
VMScore
CVE-2005-0404
KMail 1.7.1 in KDE 3.3.2 allows remote malicious users to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
Kmail Kmail 1.7.1
Kde Kde 3.3.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »