Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolev farhi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3840
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bo...
Mayan-edms Mayan Edms 0.13
1 EDB exploit
NA
CVE-2014-3866
Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter...
Usercake Usercake 2.0.1
Usercake Usercake
1 EDB exploit
NA
CVE-2014-4199
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation up to and including 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.
Vmware Vm-support 0.88
Vmware Workstation 10.0
Vmware Tools
Vmware Workstation 10.0.2
Vmware Workstation 10.0.1
Vmware Workstation
NA
CVE-2014-4200
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation up to and including 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.
Vmware Vm-support 0.88
Vmware Workstation 10.0
Vmware Tools
Vmware Workstation 10.0.2
Vmware Workstation 10.0.1
Vmware Workstation
5.3
CVSSv3
CVE-2020-14181
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 prior to 8.5.7, and fro...
Atlassian Jira
Atlassian Data Center
Atlassian Jira Server
3 Github repositories
1 Article
NA
CVE-2014-60701
LogAnalyzer version 3.6.5 suffers from a cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2