Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aware vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-6551
As a simple library, class.upload.php does not perform an in-depth check on uploaded files, allowing a stored XSS vulnerability when the default configuration is used. Developers must be aware of that fact and use extension whitelisting accompanied by forcing the server to always...
Verot Class.upload.php -
7.5
CVSSv3
CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was awar...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Ipados
Apple Watchos
Apple Iphone Os
Apple Macos
7.5
CVSSv3
CVE-2021-39204
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition...
Envoyproxy Envoy
Envoyproxy Envoy 1.19.0
Pomerium Pomerium
Pomerium Pomerium 0.15.0
8.8
CVSSv3
CVE-2021-21206
Use after free in Blink in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7
CVSSv3
CVE-2022-48618
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue...
Apple Ipados
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Macos
8.8
CVSSv3
CVE-2021-30554
Use after free in WebGL in Google Chrome before 91.0.4472.114 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
8.8
CVSSv3
CVE-2021-30563
Type Confusion in V8 in Google Chrome before 91.0.4472.164 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
9.8
CVSSv3
CVE-2014-125058
A vulnerability was found in LearnMeSomeCodes project3 and classified as critical. This issue affects the function search_first_name of the file search.rb. The manipulation leads to sql injection. The patch is named d3efa17ae9f6b2fc25a6bbcf165cefed17c7035e. It is recommended to a...
Address Book Project Address Book
NA
CVE-2001-0551
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.
Hp Hp-ux 11.00
Hp Hp-ux 11.04
Hp Hp-ux 11.11
Hp Hp-ux 10.10
Hp Hp-ux 10.20
Hp Hp-ux 10.24
6.5
CVSSv3
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote malicious user to crash the service by sending a malformed PUT request to t...
Fortinet Fortiproxy
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »