client security vulnerabilities and exploits
9.8
CVSSv3
CVE-2019-12526
An issue exists in Squid prior to 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker contr...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-6675
BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts...
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.1.0.3.0.79.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.97.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.99.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.15.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.36.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.40.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.11.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.14.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.68.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.70.9-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.11.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.18.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.32.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.46.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.14.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.16.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.34.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.97.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.99.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.105.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.111.4-eng Hotfix
9.8
CVSSv3
CVE-2019-12419
Apache CXF prior to 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the suppli...
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Commerce Guided Search 11.3.2
9.8
CVSSv3
CVE-2019-16239
process_http_response in OpenConnect prior to 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
Infradead Openconnect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Steelstore -
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Mysql Server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-5482
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Http Server 12.2.1.4.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
9.8
CVSSv3
CVE-2019-13656
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote malicious user to execute arbitrary code.
Broadcom Ca Workload Automation Ae 11.3.6
Broadcom Ca Workload Automation Ae 11.3.5
Broadcom Ca Client Automation 14.0
9.8
CVSSv3
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
9.8
CVSSv3
CVE-2019-12262
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
Windriver Vxworks 6.8
Windriver Vxworks 6.7
Windriver Vxworks 6.9
Windriver Vxworks 6.6
Windriver Vxworks 7.0
Belden Hirschmann Hios
Belden Garrettcom Magnum Dx940e Firmware
Siemens Ruggedcom Win7000 Firmware
Siemens Ruggedcom Win7018 Firmware
Siemens Ruggedcom Win7025 Firmware
Siemens Ruggedcom Win7200 Firmware
1 Article
9.8
CVSSv3
CVE-2019-13640
In qBittorrent prior to 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted nam...
Qbittorrent Qbittorrent