Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
Sphinxsearch Sphinx 3.1.1
4.3
CVSSv2
CVE-2019-14517
pandao Editor.md 1.5.0 allows XSS via the Javascript: string.
Editor.md Project Editor.md 1.5.0
4
CVSSv2
CVE-2019-14525
In Octopus Deploy 2019.4.0 up to and including 2019.6.x prior to 2019.6.6, and 2019.7.x prior to 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call.
Octopus Octopus Deploy
Octopus Octopus Server
7.5
CVSSv2
CVE-2019-14531
An issue exists in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.
Sleuthkit The Sleuth Kit 4.6.6
4.3
CVSSv2
CVE-2009-4378
The IPMI dissector in Wireshark 1.2.0 up to and including 1.2.4 on Windows allows remote malicious users to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.0
4.3
CVSSv2
CVE-2019-14534
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2019-14535
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 10.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2009-4389
Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0.2 and previous versions for TYPO3 allows remote malicious users to obtain sensitive information via unknown attack vectors.
Robert Puntigam Aba Watchdog 2.0.1
Robert Puntigam Aba Watchdog
Robert Puntigam Aba Watchdog 2.0.0
6.8
CVSSv2
CVE-2019-14541
GnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id in cobc/typeck.c via crafted COBOL source code.
Gnucobol Project Gnucobol 2.2
3.5
CVSSv2
CVE-2019-14548
An issue exists in EspoCRM prior to 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using the Knowledge Base feature in the tab list. The attacker could inject malicious JavaScr...
Espocrm Espocrm
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »