Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evergreen vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2015-2203
Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL.
Evergreen-ils Evergreen 2.7.4
Evergreen-ils Evergreen 2.6.7
Evergreen-ils Evergreen 2.5.9
320
VMScore
CVE-2014-5459
The PEAR_REST class in REST.php in PEAR in PHP up to and including 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
Php Php
Oracle Solaris 11.2
Opensuse Evergreen 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
258
VMScore
CVE-2014-0131
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel up to and including 3.13.6 allows malicious users to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.
Linux Linux Kernel
Opensuse Evergreen 11.4
Suse Linux Enterprise Server 11
170
VMScore
CVE-2014-8134
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel up to and including 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that r...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Evergreen 11.4
Opensuse Opensuse 13.1
Suse Suse Linux Enterprise Server 11
Oracle Linux 6
NA
CVE-2024-1844
The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the import_data and copy_data functions in all versions up to, and including, 1.5.6. This makes it possi...
NA
CVE-2024-29099
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Evergreen Content Poster allows Reflected XSS.This issue affects Evergreen Content Poster: from n/a up to and including 1.4.1.
NA
CVE-2023-51423
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Creat...
Saleswonder Webinarignition
NA
CVE-2023-51422
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoo...
Saleswonder Webinarignition
NA
CVE-2023-41127
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Evergreen Content Poster Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media allows Stored XSS.This issue affects Evergreen Conten...
Evergreencontentposter Evergreen Content Poster
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2