project log vulnerabilities and exploits
7.5
CVSSv2
CVE-2018-4056
An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN ser...
Coturn Project Coturn
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2021-45411
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.
Printable Staff Id Card Creator System Project Printable Staff Id Card Creator System 1.0
2.1
CVSSv2
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Gummi Project Gummi 0.6.5
5
CVSSv2
CVE-2014-3683
Integer overflow in rsyslog prior to 7.6.7 and 8.x prior to 8.4.2 and sysklogd 1.5 and previous versions allows remote malicious users to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-...
Rsyslog Rsyslog 8.1.5
Rsyslog Rsyslog 8.1.6
Rsyslog Rsyslog 8.3.2
Rsyslog Rsyslog 8.3.3
Rsyslog Rsyslog
Rsyslog Rsyslog 8.1.0
Rsyslog Rsyslog 8.2.0
Rsyslog Rsyslog 8.2.1
Rsyslog Rsyslog 8.3.4
Rsyslog Rsyslog 8.3.5
Rsyslog Rsyslog 8.1.1
Rsyslog Rsyslog 8.1.2
Rsyslog Rsyslog 8.2.2
Rsyslog Rsyslog 8.2.3
Rsyslog Rsyslog 8.4.0
Rsyslog Rsyslog 8.4.1
Rsyslog Rsyslog 8.1.3
Rsyslog Rsyslog 8.1.4
Rsyslog Rsyslog 8.3.0
Rsyslog Rsyslog 8.3.1
Sysklogd Project Sysklogd 1.4
Sysklogd Project Sysklogd 1.4.1
5
CVSSv2
CVE-2014-1484
Mozilla Firefox prior to 27.0 on Android 4.2 and previous versions creates system-log entries containing profile paths, which allows malicious users to obtain sensitive information via a crafted application.
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.6
Mozilla Firefox 1.5.7
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 3.0.18
Mozilla Firefox 3.0
2.1
CVSSv2
CVE-2017-15112
keycloak-httpd-client-install versions prior to 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users.
Keycloak-httpd-client-install Project Keycloak-httpd-client-install
4
CVSSv2
CVE-2021-21234
spring-boot-actuator-logview is a library that adds a simple logfile viewer as a Spring Boot actuator endpoint. It is the Maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability...
Spring-boot-actuator-logview Project Spring-boot-actuator-logview
4 Github repositories
NA
CVE-2023-40852
SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows malicious users to obtain sensitive information via crafted string in the admin user name field on the admin log in page.
User Registration & Login And User Management System With Admin Panel Project User Registration & Login And User Management System With Admin Panel 3.0
7.5
CVSSv2
CVE-2017-9228
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an inc...
Oniguruma Project Oniguruma 6.2.0
Php Php
5
CVSSv2
CVE-2017-9229
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_rang...
Oniguruma Project Oniguruma 6.2.0
Ruby-lang Ruby
Php Php