cyber security vulnerabilities and exploits
7.8
CVSSv3
CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow a malicious user to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "...
Microsoft Office 2013
Microsoft Office 2010
Microsoft Office 2016
Microsoft Office 2007
1 EDB exploit
62 Github repositories
50 Articles
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2006-7184
Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote malicious users to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information...
Photography-on-the-net Exhibit Engine 2
2 EDB exploits
NA
CVE-2007-2065
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this info...
Actionpoll Actionpoll 1.1.1
1 EDB exploit
NA
CVE-2007-2064
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReader...
Actionpoll Actionpoll 1.1.0
Actionpoll Actionpoll 1.1.1
2 EDB exploits
NA
CVE-2009-1328
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote malicious users to execute arbitrary code via a long URI in a playlist (.m3u) file.
Mini-stream Rm-mp3 Converter 3.0.0.7
7 EDB exploits
1 Github repository
9.8
CVSSv3
CVE-2019-18641
Rock RMS prior to 1.8.6 mishandles vCard access control within the People/GetVCard/REST controller.
Sparkdevnetwork Rock Rms
9.8
CVSSv3
CVE-2019-18642
Rock RMS version prior to 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be us...
Sparkdevnetwork Rock Rms
9.8
CVSSv3
CVE-2019-18643
Rock RMS versions prior to 8.10 and versions 9.0 up to and including 9.3 fail to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This ...
Sparkdevnetwork Rock Rms