Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
marc schoenefeld vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1440
Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and previous versions, and teTeX, allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) pr...
Tug Tex Live 2007
Tug Tetex
Tug Tex Live 2008
Tug Tex Live 2004
Tug Tex Live
Tug Tex Live 2002
Tug Tex Live 1996
Tug Tex Live 2001
Tug Tex Live 1999
Tug Tex Live 2005
Tug Tex Live 1998
Tug Tex Live 2000
Tug Tex Live 2003
NA
CVE-2010-0827
Integer overflow in dvips in TeX Live 2009 and previous versions, and teTeX, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
Tug Tex Live 1996
Tug Tex Live 1998
Tug Tex Live 2007
Tug Tex Live 2008
Tug Tex Live 2001
Tug Tex Live 2002
Tug Tex Live 1999
Tug Tex Live 2000
Tug Tex Live
Tug Tex Live 2003
Tug Tex Live 2004
Tug Tex Live 2005
Tug Tetex
NA
CVE-2010-0739
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote malicious users to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtain...
Tug Tetex
Tug Tex Live
NA
CVE-2010-0421
Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango prior to 1.27.1 allows context-dependent malicious users to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph D...
Gnome Pango
NA
CVE-2009-4274
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm prior to 10.47.07 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated w...
Netpbm Netpbm 10.35.13
Netpbm Netpbm 10.28
Netpbm Netpbm 10.39.00
Netpbm Netpbm 10.0
Netpbm Netpbm 10.46.00
Netpbm Netpbm 10.35.44
Netpbm Netpbm 10.35.11
Netpbm Netpbm 10.35.32
Netpbm Netpbm 10.35.20
Netpbm Netpbm 10.33
Netpbm Netpbm 10.35.35
Netpbm Netpbm 10.35.39
Netpbm Netpbm 10.7
Netpbm Netpbm 10.13
Netpbm Netpbm 10.35.18
Netpbm Netpbm 10.35.06
Netpbm Netpbm 10.45.00
Netpbm Netpbm 10.35.08
Netpbm Netpbm 10.35.19
Netpbm Netpbm 10.26
Netpbm Netpbm 10.38.00
Netpbm Netpbm 10.42.00
NA
CVE-2009-1284
Buffer overflow in BibTeX 0.99 allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
Bibtex Bibtex 0.99
1 EDB exploit
NA
CVE-2008-5304
Cross-site scripting (XSS) vulnerability in TWiki prior to 4.2.4 allows remote malicious users to inject arbitrary web script or HTML via the %URLPARAM{}% variable.
Twiki Twiki 4.2.0
Twiki Twiki 4.1.2
Twiki Twiki 4.0.1
Twiki Twiki 4.0.0
Twiki Twiki 2003-02-01
Twiki Twiki 2004-09-01
Twiki Twiki 4.2.2
Twiki Twiki 4.2.1
Twiki Twiki 4.0.3
Twiki Twiki 4.0.2
Twiki Twiki 2000-12-01
Twiki Twiki 2001-12-01
Twiki Twiki 4.0.5
Twiki Twiki 4.0.4
Twiki Twiki 2004-09-03
Twiki Twiki 2001-09-01
Twiki Twiki 4.1.1
Twiki Twiki 4.1.0
Twiki Twiki
Twiki Twiki 2004-09-04
Twiki Twiki 2004-09-02
1 EDB exploit
NA
CVE-2006-2426
Sun Java Runtime Environment (JRE) 1.5.0_6 and previous versions, JDK 1.5.0_6 and previous versions, and SDK 1.5.0_6 and previous versions allows remote malicious users to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files...
Sun Jre 1.5.0
Sun Sdk 1.5.0 6
Sun Jdk 1.5.0
1 EDB exploit
NA
CVE-2005-2006
JBOSS 3.2.2 up to and including 3.2.7 and 4.0.2 allows remote malicious users to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of ...
Jboss Jboss 3.2.2
Jboss Jboss 3.2.5
Jboss Jboss 3.2.6
Jboss Jboss 3.2.7
Jboss Jboss 4.0.2
Jboss Jboss 3.2.3
Jboss Jboss 3.2.4
1 EDB exploit
2 Github repositories
NA
CVE-2003-1516
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote malicious users to read or write data belonging to a signed applet.
Sun Java Plug-in 1.4.2 01
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »