Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
safe vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-17435
An issue exists in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization...
Vaulteksafe Vt20i Firmware -
NA
CVE-2002-0229
Safe Mode feature (safe_mode) in PHP 3.0 up to and including 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Php Php 3.0.13
Php Php 3.0.16
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.1.0
Php Php 4.1.2
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.3
Php Php 4.0.4
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.5
Php Php 4.0.6
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0
3 EDB exploits
NA
CVE-2008-0052
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote malicious users to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
NA
CVE-2006-1457
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote malicious users to overwrite arbitrary files via an archive that contains a symlink.
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.6
NA
CVE-2006-3504
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow malicious users to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in...
Apple Mac Os X Server 10.4.7
Apple Mac Os X 10.4.7
8.8
CVSSv3
CVE-2020-9948
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Safari
Webkit Webkitgtk\\+
Debian Debian Linux 10.0
1 Article
7.8
CVSSv3
CVE-2017-2715
The Files APP 7.1.1.309 and previous versions versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users'...
Huawei Files
6.1
CVSSv3
CVE-2021-39199
remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default was never safe and had to be opted into. That is, user input was not sanitized. T...
Remark Remark-html
5.4
CVSSv3
CVE-2024-22414
flaskBlog is a simple blog app built with Flask. Improper storage and rendering of the `/user/<user>` page allows a user's comments to execute arbitrary javascript code. The html template `user.html` contains the following code snippet to render comments made by a user...
Dogukanurker Flaskblog
NA
CVE-2006-0848
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted malicious users to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the...
Apple Mac Os X Server 10.4.5
Apple Mac Os X 10.4.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »