Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ant vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2017-17383
Jenkins up to and including 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated by the JDK tool in Jenkins core and the Ant tool in the Ant plugin, aka SECURITY-624.
Jenkins Jenkins
NA
CVE-2024-3488
File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant malicious user to upload a file without authentication.
NA
CVE-2007-5483
Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.
Ibm Websphere Application Server 5.1.1
Ibm Websphere Application Server 5.1.1.1
Ibm Websphere Application Server 5.1.1.6
Ibm Websphere Application Server 5.1.1.7
Ibm Websphere Application Server 6.0.1
Ibm Websphere Application Server 6.0.1.2
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 5.1.1.14
Ibm Websphere Application Server 5.1.1.2
Ibm Websphere Application Server 6.0
Ibm Websphere Application Server 6.0.0.1
Ibm Websphere Application Server 6.0.2.11
Ibm Websphere Application Server 6.0.2.13
Ibm Websphere Application Server 6.0.2.5
Ibm Websphere Application Server 6.0.2.6
Ibm Websphere Application Server 6.0.2.7
Ibm Websphere Application Server 5.1.1.3
Ibm Websphere Application Server 5.1.1.4
Ibm Websphere Application Server 5.1.1.5
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 6.0.0.3
NA
CVE-2024-32656
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 up to and including 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerab...
5.3
CVSSv3
CVE-2024-23686
DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an malicious user to recover the NVD API Key from a log file.
Owasp Dependency-check
8.8
CVSSv3
CVE-2018-4441
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Apple Iphone Os
Apple Tvos
Apple Safari
Apple Watchos
Apple Itunes
Apple Icloud
2 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Exiftool Project Exiftool
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
28 Github repositories
NA
CVE-2024-3462
Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users. All versions up to 2.9.0 (tested) and possibly newer ones are ...
NA
CVE-2010-1206
The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.18
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.1.11
NA
CVE-2010-1207
Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote malicious users to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.4
Mozilla Firefox
Mozilla Firefox 3.6.3
Mozilla Thunderbird
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »