Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expression web vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2007-1893
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."
Wordpress Wordpress
6.5
CVSSv2
CVE-2007-1897
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
Wordpress Wordpress
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-2270
Firefox prior to 1.0.5 and Mozilla prior to 1.7.9 does not properly clone base objects, which allows remote malicious users to execute arbitrary code by navigating the prototype chain to reach a privileged object.
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Mozilla 1.7.8
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.4
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.3
Mozilla Mozilla 1.7.5
Mozilla Mozilla 1.7.6
Mozilla Mozilla 1.7.7
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Firefox 1.0.1
6.8
CVSSv2
CVE-2007-1659
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
Pcre Pcre
6.8
CVSSv2
CVE-2007-1660
Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent malicious users to cause a denial of service (crash) and ...
Pcre Pcre
5
CVSSv2
CVE-2007-1662
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent malicious users to cause a denial of service (crash), possibly involving forward references.
Pcre Pcre
7.5
CVSSv2
CVE-2007-4766
Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library prior to 7.3 allow context-dependent malicious users to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.
Pcre Pcre
5
CVSSv2
CVE-2007-4767
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent malicious users to cause a denial of service (infinite loop or crash) or execute ar...
Pcre Pcre
6.8
CVSSv2
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 7.3 allows context-dependent malicious users to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.
Pcre Pcre
7.5
CVSSv2
CVE-2020-11945
An issue exists in Squid prior to 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »