Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
safe vulnerabilities and exploits
(subscribe to this query)
739
VMScore
CVE-2017-17435
An issue exists in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization...
Vaulteksafe Vt20i Firmware -
765
VMScore
CVE-2002-0229
Safe Mode feature (safe_mode) in PHP 3.0 up to and including 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Php Php 3.0.13
Php Php 3.0.16
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.1.0
Php Php 4.1.2
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.3
Php Php 4.0.4
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.5
Php Php 4.0.6
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0
3 EDB exploits
605
VMScore
CVE-2008-0052
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote malicious users to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
231
VMScore
CVE-2006-1457
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote malicious users to overwrite arbitrary files via an archive that contains a symlink.
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.6
454
VMScore
CVE-2006-3504
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow malicious users to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in...
Apple Mac Os X Server 10.4.7
Apple Mac Os X 10.4.7
187
VMScore
CVE-2017-2715
The Files APP 7.1.1.309 and previous versions versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users'...
Huawei Files
605
VMScore
CVE-2020-9948
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Safari
Webkit Webkitgtk\\+
Debian Debian Linux 10.0
1 Article
NA
CVE-2024-22414
flaskBlog is a simple blog app built with Flask. Improper storage and rendering of the `/user/<user>` page allows a user's comments to execute arbitrary javascript code. The html template `user.html` contains the following code snippet to render comments made by a user...
Dogukanurker Flaskblog
383
VMScore
CVE-2021-39199
remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-html has mentioned that it was safe by default. In practice the default was never safe and had to be opted into. That is, user input was not sanitized. T...
Remark Remark-html
515
VMScore
CVE-2006-0848
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted malicious users to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the...
Apple Mac Os X Server 10.4.5
Apple Mac Os X 10.4.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »