Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
call to action vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-3207
The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to...
Themidnightcoders Weborb For Java 5.1.1.0
668
VMScore
CVE-2017-3208
The Java implementation of AMF3 deserializers used by WebORB for Java by Midnight Coders, version 5.1.1.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive da...
Themidnightcoders Weborb For Java 5.1.1.0
668
VMScore
CVE-2017-5983
The JIRA Workflow Designer Plugin in Atlassian JIRA Server prior to 6.3.0 improperly uses an XML parser and deserializer, which allows remote malicious users to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
Atlassian Jira 4.2.4
Atlassian Jira 5.0.2
Atlassian Jira 5.0.3
Atlassian Jira 5.0.4
Atlassian Jira 5.0.5
Atlassian Jira 5.2.3
Atlassian Jira 5.2.4
Atlassian Jira 5.2.5
Atlassian Jira 5.2.6
Atlassian Jira 6.0.8
Atlassian Jira 6.1
Atlassian Jira 6.1.1
Atlassian Jira 6.1.2
Atlassian Jira 6.2.6
Atlassian Jira 6.2.7
Atlassian Jira 4.3.4
Atlassian Jira 4.4
Atlassian Jira 4.4.1
Atlassian Jira 4.4.2
Atlassian Jira 4.4.3
Atlassian Jira 5.1.3
Atlassian Jira 5.1.4
940
VMScore
CVE-2010-1527
Stack-based buffer overflow in Novell iPrint Client prior to 5.44 allows remote malicious users to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
Novell Iprint 4.34
Novell Iprint 4.36
Novell Iprint 5.40
Novell Iprint
Novell Iprint 4.26
Novell Iprint 4.38
Novell Iprint 5.04
Novell Iprint 4.27
Novell Iprint 4.28
Novell Iprint 5.30
Novell Iprint 5.32
Novell Iprint 4.30
Novell Iprint 4.32
Novell Iprint 5.20b
Novell Iprint 5.12
2 EDB exploits
755
VMScore
CVE-2005-3591
Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and previous versions and (2) libflashplayer.so prior to 7.0.25.0 (Unix) allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction Acti...
Macromedia Flash Player 6.0
Macromedia Flash Player 7.0 R19
Macromedia Flash Player 6.0.79.0
Macromedia Flash Player 7.0.19.0
Macromedia Flash Player 6.0.47.0
Macromedia Flash Player 6.0.65.0
Macromedia Flash Player 6.0.29.0
Macromedia Flash Player 6.0.40.0
1 EDB exploit
490
VMScore
CVE-2016-2340
The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an X...
Graniteds Granite Data Services 3.1.1-snapshot
668
VMScore
CVE-2021-24867
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were upd...
Accesspressthemes Accessbuddy 1.0.0
Accesspressthemes Accesspress Anonymous Post 2.8.0
Accesspressthemes Accesspress Basic 3.2.1
Accesspressthemes Accesspress Custom Css 2.0.1
Accesspressthemes Accesspress Custom Post Type 1.0.8
Accesspressthemes Accesspress Ifeeds 4.0.3
Accesspressthemes Accesspress Lite 2.92
Accesspressthemes Accesspress Mag 2.6.5
Accesspressthemes Accesspress Parallax 4.5
Accesspressthemes Accesspress Ray 1.19.5
Accesspressthemes Accesspress Root 2.5
Accesspressthemes Accesspress Social Counter 1.9.1
Accesspressthemes Accesspress Social Icons 1.8.2
Accesspressthemes Accesspress Social Login Lite 3.4.7
Accesspressthemes Accesspress Social Share 4.5.5
Accesspressthemes Accesspress Staple 1.9.1
Accesspressthemes Accesspress Store 2.4.9
Accesspressthemes Agency Lite 1.1.6
Accesspressthemes Ap Companion
Accesspressthemes Ap Contact Form 1.0.6
Accesspressthemes Ap Custom Testimonial 1.4.6
Accesspressthemes Ap Mega Menu 3.0.5
445
VMScore
CVE-2015-3269
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x prior to 3.0.0.354170, 4.5 prior to 4.5.1.354169, 4.6.2 prior to 4.6.2.354169, and 4.7 prior to 4.7.0.354169 and other products, allows remote malicious users to read arbitrary f...
Hp Business Service Management
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
3 Articles
670
VMScore
CVE-2017-5641
Previous versions of Apache Flex BlazeDS (4.7.2 and previous versions) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unkno...
Apache Flex Blazeds
Hp Xp Command View Advanced Edition
445
VMScore
CVE-2018-17143
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »