Vulmon
marked project marked vulnerabilities and exploits
694
VMScore
CVE-2015-8854
The marked package prior to 0.3.4 for Node.js allows malicious users to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (ReDoS)....
Marked Project Marked
Fedoraproject Fedora 31
Fedoraproject Fedora 32
668
VMScore
CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote malicious users to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Microsoft Photodraw 2000 1.0
Microsoft Powerpoint 2000
Microsoft Project 2000
Microsoft Access 2000
Microsoft Word 2000
Microsoft Works 2000
Microsoft Office 2000
Microsoft Outlook 2000
Microsoft Excel 2000
Microsoft Frontpage 2000
383
VMScore
CVE-2015-8750
libdwarf 20151114 and previous versions allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.
Libdwarf Project Libdwarf
605
VMScore
CVE-2020-36459
An issue exists in the dces crate through 2020-12-09 for Rust. The World type is marked as Send but lacks bounds on its EntityStore and ComponentStore.
Dces Project Dces
668
VMScore
CVE-2002-0727
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote malicious users to execute arbitrary commands via the setTimeout method.
Microsoft Project 2002
Microsoft Office Web Components 2000
Microsoft Office Web Components 2002
409
VMScore
CVE-2015-1572
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs prior to 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015...
E2fsprogs Project E2fsprogs
Debian Debian Linux 7.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
384
VMScore
CVE-2020-15169
In Action View prior to 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS a...
Action View Project Action View
Debian Debian Linux 10.0
Fedoraproject Fedora 33
NA
CVE-2022-3786
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue ce...
Openssl Openssl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Nodejs Node.js 19.0.0
Nodejs Node.js 18.12.0
Nodejs Node.js
24 Github repositories
1 Article
NA
CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue...
Openssl Openssl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Clustered Data Ontap -
Fedoraproject Fedora 26
Fedoraproject Fedora 27
Nodejs Node.js 19.0.0
Nodejs Node.js 18.12.0
Nodejs Node.js
30 Github repositories
1 Article
NA
CVE-2023-33960
OpenProject is web-based project management software. For any OpenProject installation, a `robots.txt` file is generated through the server to denote which routes shall or shall not be accessed by crawlers. These routes contain project identifiers of all public projects in the in...
Openproject Openproject