Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ali vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-1419
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
Linux Linux Kernel
Linux Linux Kernel 5.6
Debian Debian Linux 10.0
3.3
CVSSv3
CVE-2022-33981
drivers/block/floppy.c in the Linux kernel prior to 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.7
CVSSv3
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Scor...
Oracle Linux 6
Oracle Linux 7
Oracle Linux 8
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2008-6439
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Abledating Abledating 2.4
1 EDB exploit
NA
CVE-2007-2492
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.
Postnuke Software Foundation Postnuke V4bjournal Module 0.99
1 EDB exploit
NA
CVE-2008-6572
SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Abledating Abledating 2.4
1 EDB exploit
NA
CVE-2015-7381
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allow remote malicious users to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different issue than CV...
Refbase Refbase
1 EDB exploit
NA
CVE-2015-7382
SQL injection vulnerability in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009.
Refbase Refbase
1 EDB exploit
NA
CVE-2006-1258
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote malicious users to inject arbitrary web script or HTML via the set_theme parameter.
Phpmyadmin Phpmyadmin 2.8.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-18399
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote malicious user to execute arbitrary SQL commands via the "id" parameter.
Jco Karma 6.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »