Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leak vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2009-5139
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote malicious users to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.
Google Gizmo5 -
8.8
CVSSv3
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote malicious users to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Linksys Spa2102 Firmware -
7.5
CVSSv3
CVE-2016-7241
Microsoft Internet Explorer 11 and Microsoft Edge allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
Microsoft Internet Explorer 11
Microsoft Edge
1 EDB exploit
1 Github repository
8.1
CVSSv3
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read fro...
Yubico Pam-u2f 1.0.7
NA
CVE-2004-0222
Multiple memory leaks in isakmpd in OpenBSD 3.4 and previous versions allow remote malicious users to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.
Openbsd Openbsd
5.5
CVSSv3
CVE-2016-6689
Binder in the kernel in Android prior to 2016-10-05 on Nexus devices allows malicious users to obtain sensitive information via a crafted application, aka internal bug 30768347.
Google Android
1 EDB exploit
NA
CVE-2010-3886
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote malicious users to obtain sensitive information ...
Microsoft Internet Explorer 8
1 EDB exploit
NA
CVE-2007-1649
PHP 5.2.1 allows context-dependent malicious users to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.
Php Php 5.2.1
1 EDB exploit
6.5
CVSSv3
CVE-2023-22897
An issue exists in SecurePoint UTM prior to 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obta...
Securepoint Unified Threat Management
NA
CVE-2023-228972
SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »