Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost ghost vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-24736
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local malicious user to cause a denial of service via a crafted script.
Ghost Sqlite3 3.27.1
9.8
CVSSv3
CVE-2022-43441
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.
Ghost Sqlite3
5.7
CVSSv3
CVE-2023-26510
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that...
Ghost Ghost 5.35.0
5.4
CVSSv3
CVE-2022-47194
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47195
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47196
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
5.4
CVSSv3
CVE-2022-47197
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger...
Ghost Ghost 5.9.4
2 Github repositories
5.3
CVSSv3
CVE-2022-41697
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.
Ghost Ghost 5.9.4
4.3
CVSSv3
CVE-2022-41654
An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
Ghost Ghost
9.8
CVSSv3
CVE-2022-30258
An issue exists in Technitium DNS Server up to and including 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit wou...
Technitium Dns Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »