Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2016-2513
The password hasher in contrib/auth/hashers.py in Django prior to 1.8.10 and 1.9.x prior to 1.9.3 allows remote malicious users to enumerate users via a timing attack involving login requests.
Djangoproject Django 1.8.9
Djangoproject Django 1.9.2
Djangoproject Django 1.9.1
Djangoproject Django 1.9
4.9
CVSSv2
CVE-2016-0771
The internal DNS server in Samba 4.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, and 4.4.x prior to 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information...
Samba Samba 4.3.4
Samba Samba 4.3.3
Samba Samba 4.2.6
Samba Samba 4.2.5
Samba Samba 4.2.0
Samba Samba 4.1.21
Samba Samba 4.1.20
Samba Samba 4.1.14
Samba Samba 4.1.13
Samba Samba 4.0.8
Samba Samba 4.0.7
Samba Samba 4.0.6
Samba Samba 4.0.21
Samba Samba 4.0.20
Samba Samba 4.0.14
Samba Samba 4.0.13
Samba Samba 4.4.0
Samba Samba 4.1.22
Samba Samba 4.3.2
Samba Samba 4.2.2
Samba Samba 4.2.1
Samba Samba 4.1.6
4
CVSSv2
CVE-2015-7560
The SMB1 implementation in smbd in Samba 3.x and 4.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, and 4.4.x prior to 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 c...
Samba Samba 4.4.0
Samba Samba
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
6.8
CVSSv2
CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 da...
Mozilla Network Security Services 3.21
Mozilla Network Security Services 3.19.2
Mozilla Network Security Services 3.20
Mozilla Network Security Services 3.20.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Oracle Linux 5.0
Oracle Vm Server 3.2
Oracle Linux 7
Oracle Linux 6
6.4
CVSSv2
CVE-2016-1938
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, improperly divides numbers, which might make it easier for remote malicious users to defeat cryptographic protection mechanisms by lev...
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Mozilla Nss
Mozilla Firefox
6
CVSSv2
CVE-2015-8467
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x prior to 4.1.22, 4.2.x prior to 4.2.7, and 4.3.x prior to 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authen...
Samba Samba
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
6.8
CVSSv2
CVE-2015-8124
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x prior to 2.3.35, 2.6.x prior to 2.6.12, and 2.7.x prior to 2.7.7 allows remote malicious users to hijack web sessions via a session id.
Sensiolabs Symfony 2.3.24
Sensiolabs Symfony 2.3.33
Sensiolabs Symfony 2.3.2
Sensiolabs Symfony 2.3.8
Sensiolabs Symfony 2.3.21
Sensiolabs Symfony 2.3.7
Sensiolabs Symfony 2.3.14
Sensiolabs Symfony 2.3.12
Sensiolabs Symfony 2.3.17
Sensiolabs Symfony 2.6.6
Sensiolabs Symfony 2.6.9
Sensiolabs Symfony 2.7.3
Sensiolabs Symfony 2.7.2
Sensiolabs Symfony 2.3.27
Sensiolabs Symfony 2.3.32
Sensiolabs Symfony 2.3.19
Sensiolabs Symfony 2.3.6
Sensiolabs Symfony 2.3.4
Sensiolabs Symfony 2.3.31
Sensiolabs Symfony 2.3.5
Sensiolabs Symfony 2.3.22
Sensiolabs Symfony 2.3.10
7.5
CVSSv2
CVE-2015-8125
Symfony 2.3.x prior to 2.3.35, 2.6.x prior to 2.6.12, and 2.7.x prior to 2.7.7 might allow remote malicious users to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Comp...
Sensiolabs Symfony 2.3.6
Sensiolabs Symfony 2.3.7
Sensiolabs Symfony 2.3.14
Sensiolabs Symfony 2.3.15
Sensiolabs Symfony 2.3.22
Sensiolabs Symfony 2.3.23
Sensiolabs Symfony 2.3.31
Sensiolabs Symfony 2.3.32
Sensiolabs Symfony 2.6.4
Sensiolabs Symfony 2.6.5
Sensiolabs Symfony 2.7.0
Sensiolabs Symfony 2.7.1
Sensiolabs Symfony 2.3.3
Sensiolabs Symfony 2.3.4
Sensiolabs Symfony 2.3.5
Sensiolabs Symfony 2.3.12
Sensiolabs Symfony 2.3.13
Sensiolabs Symfony 2.3.20
Sensiolabs Symfony 2.3.21
Sensiolabs Symfony 2.3.29
Sensiolabs Symfony 2.3.30
Sensiolabs Symfony 2.6.2
6.8
CVSSv2
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Unzip Project Unzip 6.0
4.3
CVSSv2
CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Unzip Project Unzip 6.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »