Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
common applications vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-34233
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions before 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order to...
Snowflake Snowflake Connector
4.6
CVSSv3
CVE-2019-5264
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock...
Huawei Mate 10 Firmware
Huawei Mate 10 Pro Firmware
Huawei Honor V10 Firmware
Huawei Changxiang 7s Firmware
Huawei P-smart Firmware
Huawei Changxiang 8 Plus Firmware
Huawei Y9 2018 Firmware
Huawei Honor 9 Lite Firmware
Huawei Honor 9i Firmware
Huawei Mate 9 Firmware
NA
CVE-2011-4838
JRuby prior to 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Jruby Jruby
7.5
CVSSv3
CVE-2021-46877
jackson-databind 2.10.x up to and including 2.12.x prior to 2.12.6 and 2.13.x prior to 2.13.1 allows malicious users to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.13.0
NA
CVE-2005-1431
The "record packet parsing" in GnuTLS 1.2 prior to 1.2.3 and 1.0 prior to 1.0.25 allows remote malicious users to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.2.0
Gnu Gnutls 1.0.19
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.18
Gnu Gnutls 1.2.1
Gnu Gnutls 1.2.2
Gnu Gnutls 1.0.21
Gnu Gnutls 1.0.22
5.9
CVSSv3
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (whi...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Tenable.sc
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Apple Macos
Apple Iphone Os
Apple Safari
Apple Ipados
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager For Storage Management 13.4.0.0
NA
CVE-2008-3162
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.4.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.4.8
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.4.5
1 EDB exploit
NA
CVE-2009-3979
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 3.0.16 and 3.5.x prior to 3.5.6, SeaMonkey prior to 2.0.1, and Thunderbird allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execut...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 2.0
Mozilla Firefox 0.3
Mozilla Firefox 0.4
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.8
NA
CVE-2009-3986
Mozilla Firefox prior to 3.0.16 and 3.5.x prior to 3.5.6, and SeaMonkey prior to 2.0.1, allows remote malicious users to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.
Mozilla Firefox 3.5.1
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.5.0.9
Mozilla Seamonkey 2.0
Mozilla Firefox 0.10.1
Mozilla Firefox 0.6.1
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
5.5
CVSSv3
CVE-2020-1788
Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An attacker could trick the user into installing...
Huawei Honor V30 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »