Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
raise vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-22781
In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance).
Etherpad Etherpad
7.5
CVSSv3
CVE-2020-15694
In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length.
Nim-lang Nim
8.1
CVSSv3
CVE-2024-5629
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
Mongodb Pymongo
Debian Debian Linux 10.0
3.1
CVSSv3
CVE-2022-0279
The AnyComment WordPress plugin prior to 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users
Bologer Anycomment
NA
CVE-2008-5102
PythonScripts in Zope 2 2.11.2 and previous versions, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.
Zope Zope 2.0.0b6
Zope Zope 2.7.3-final
Zope Zope 2.4.0
Zope Zope 2.2.0b2
Zope Zope 2.7.3-b2
Zope Zope 2.7.0-final
Zope Zope 2.2.1
Zope Zope 2.7.4-b2
Zope Zope 2.3.1
Zope Zope 2.8.8
Zope Zope 2.2.0b4
Zope Zope 1.10.3
Zope Zope 2.7.4-c1
Zope Zope 2.10.5
Zope Zope 2.4.4b1
Zope Zope 2.8.9.1
Zope Zope 2.2.0
Zope Zope 2.1.2
Zope Zope 2.0.0b5
Zope Zope 2.3.0b3
Zope Zope 2.7.0-b2
Zope Zope 1.10.4
1 EDB exploit
10
CVSSv3
CVE-2019-10686
An SSRF vulnerability was found in an API from Ctrip Apollo up to and including 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.
Ctrip Apollo
7.8
CVSSv3
CVE-2021-43065
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows malicious user to gain higher privileges via the access to sensitive system data.
Fortinet Fortinac 9.2.0
Fortinet Fortinac
7.8
CVSSv3
CVE-2018-4005
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine ...
Shimovpn Shimo Vpn 4.1.5.1
7.5
CVSSv3
CVE-2015-9242
Certain input strings when passed to new Date() or Date.parse() in ecstatic node module prior to 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header.
Ecstatic Project Ecstatic
7.8
CVSSv3
CVE-2018-4009
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to succes...
Shimovpn Shimo Vpn 4.1.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »