Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
safe vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-25927
Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 up to and including 2.0.1 allows an malicious user to cause a denial of service and may lead to remote code execution.
Safe-flat Project Safe-flat
NA
CVE-2022-25904
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an malicious user to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an malicious user to mod...
Safe-eval Project Safe-eval
6.9
CVSSv2
CVE-2010-5196
Untrusted search path vulnerability in KeePass Password Safe prior to 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtaine...
Keepass Password Safe
Keepass Password Safe 1.6
7.5
CVSSv2
CVE-2021-25952
Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 up to and including 2.2.1 allows an malicious user to cause a denial of service and may lead to remote code execution.
Just-safe-set Project Just-safe-set
2.1
CVSSv2
CVE-2020-29392
The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password. An attacker with physical access can unlock the password manager without knowing the master password set by the user.
Lock Password Manager Safe App Project Lock Password Manager Safe App 2.3
NA
CVE-2023-2904
The External Visitor Manager portal of HID’s SAFE versions 5.8.0 up to and including 5.11.3 are vulnerable to manipulation within web fields in the application programmable interface (API). An attacker could log in using account credentials available through a request gener...
Hidglobal Safe
4.3
CVSSv2
CVE-2022-1091
The sanitisation step of the Safe SVG WordPress plugin prior to 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. Exploiting this vulnerability, an attacker will be able to perform the kinds of attacks that this plugin should prevent (mainl...
10up Safe Svg
NA
CVE-2022-38163
A Drag and Drop spoof vulnerability exists in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.
F-secure Safe
4.3
CVSSv2
CVE-2016-10976
The safe-editor plugin prior to 1.2 for WordPress has no se_save authentication, with resultant XSS.
Kodebyraaet Safe Editor
1.9
CVSSv2
CVE-2019-14358
On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable ...
Archos Safe-t -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »