vulnerabilities and exploits
9.8
CVSSv3
CVE-2021-25947
Prototype pollution vulnerability in 'nestie' versions 0.0.0 up to and including 1.0.0 allows a malicious user to cause a denial of service and may lead to remote code execution.
Nestie Project Nestie
9.8
CVSSv3
CVE-2021-25949
Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows a malicious user to cause a denial of service and may lead to remote code execution.
Set-getter Project Set-getter 0.1.0
NA
CVE-2021-25950
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
7.5
CVSSv3
CVE-2021-25951
XXE vulnerability in 'XML2Dict' version 0.2.2 allows a malicious user to cause a denial of service.
Xml2dict Project Xml2dict 0.2.2
7.8
CVSSv3
CVE-2017-11046
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur.
Google Android 8.0
9.8
CVSSv3
CVE-2021-25953
Prototype pollution vulnerability in 'putil-merge' versions 1.0.0 up to and including 3.6.6 allows a malicious user to cause a denial of service and may lead to remote code execution.
Putil-merge Project Putil-merge
9
CVSSv3
CVE-2021-25955
In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoin...
Dolibarr Dolibarr
7.2
CVSSv3
CVE-2021-25956
In “Dolibarr” application, v3.3.beta1_20121221 to v13.0.2 have “Modify” access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user “Login”. This lea...
Dolibarr Dolibarr
Dolibarr Dolibarr Erp/crm 3.3.0
7.5
CVSSv3
CVE-2021-25958
In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. A user can register with a very long password, but when he tries to login with ...
Apache Ofbiz
6.1
CVSSv3
CVE-2021-25959
In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. This allows execution of external javascript files on any user of the openCRX instance.
Opencrx Opencrx