Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aware vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-16009
Inappropriate implementation in V8 in Google Chrome before 86.0.4240.183 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Microsoft Edge Chromium
Microsoft Edge
Cefsharp Cefsharp
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
2 Articles
5
CVSSv2
CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was awar...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Ipados
Apple Watchos
Apple Iphone Os
Apple Macos
6.8
CVSSv2
CVE-2021-30554
Use after free in WebGL in Google Chrome before 91.0.4472.114 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.8
CVSSv2
CVE-2021-30563
Type Confusion in V8 in Google Chrome before 91.0.4472.164 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
NA
CVE-2022-48618
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue...
Apple Ipados
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Macos
5
CVSSv2
CVE-2021-39204
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition...
Envoyproxy Envoy 1.19.0
Envoyproxy Envoy
Pomerium Pomerium 0.15.0
Pomerium Pomerium
NA
CVE-2023-41064
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary...
Apple Ipados
Apple Iphone Os
Apple Macos
5 Github repositories
4 Articles
6.8
CVSSv2
CVE-2021-21206
Use after free in Blink in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
NA
CVE-2023-6551
As a simple library, class.upload.php does not perform an in-depth check on uploaded files, allowing a stored XSS vulnerability when the default configuration is used. Developers must be aware of that fact and use extension whitelisting accompanied by forcing the server to always...
Verot Class.upload.php -
5
CVSSv2
CVE-2021-26697
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and e...
Apache Airflow 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »