Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
total security vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-23773
cmd/go in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
4 Github repositories
6.4
CVSSv2
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
3 Github repositories
3.5
CVSSv2
CVE-2022-21713
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated malicious user to view unintended data by querying for the...
Grafana Grafana
Grafana Grafana 5.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.8
CVSSv2
CVE-2021-44717
Go prior to 1.16.12 and 1.17.x prior to 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
Golang Go
Debian Debian Linux 9.0
5
CVSSv2
CVE-2021-41771
ImportedSymbols in debug/macho (for Open or OpenFat) in Go prior to 1.16.10 and 1.17.x prior to 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2021-41197
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an `int64_t`. If an over...
Google Tensorflow
7.8
CVSSv2
CVE-2021-35053
Possible system denial of service in case of arbitrary changing Firefox browser parameters. An attacker could change specific Firefox browser parameters file in a certain way and then reboot the system to make the system unbootable.
Kaspersky Endpoint Security
7.2
CVSSv2
CVE-2021-3576
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local malicious user to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limi...
Bitdefender Endpoint Security Tools
Bitdefender Total Security
4.6
CVSSv2
CVE-2021-3579
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local malicious user to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bit...
Bitdefender Endpoint Security Tools
Bitdefender Total Security
4.3
CVSSv2
CVE-2021-1616
A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to bypass the ALG. This vulnerability is due to insufficient data validation of traffi...
Cisco Ios Xe
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »