Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
font project font vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-0778
Google Chrome prior to 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote malicious users to bypass the Same Origin Policy via unspecified vectors.
Google Chrome
6.8
CVSSv2
CVE-2010-4040
Google Chrome prior to 7.0.517.41 does not properly handle animated GIF images, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Opensuse Opensuse
6.8
CVSSv2
CVE-2010-4199
Google Chrome prior to 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2010-4492
Use-after-free vulnerability in Google Chrome prior to 8.0.552.215 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
4.3
CVSSv2
CVE-2010-4493
Use-after-free vulnerability in Google Chrome prior to 8.0.552.215 allows remote malicious users to cause a denial of service via vectors related to the handling of mouse dragging events.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2010-4578
Google Chrome prior to 8.0.552.224 and Chrome OS prior to 8.0.552.343 do not properly perform cursor handling, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
Google Chrome Os
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
9.3
CVSSv2
CVE-2007-1667
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 prior to 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote malicious users to cause a denial of service (crash) or obtain sensitive information via crafted i...
X.org Libx11
Imagemagick Imagemagick
3.5
CVSSv2
CVE-2015-5622
Cross-site scripting (XSS) vulnerability in WordPress prior to 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-i...
Wordpress Wordpress
Debian Debian Linux 8.0
13 Github repositories
4.3
CVSSv2
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
123 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10