Vulmon
async project async vulnerabilities and exploits
7.5
CVSSv3
CVE-2022-35922
Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions before 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allo...
Rust-websocket Project Rust-websocket
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2022-31162
Slack Morphism is an async client library for Rust. Before 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printin...
Slack Morphism Project Slack Morphism
7.5
CVSSv3
CVE-2021-41167
modern-async is an open source JavaScript tooling library for asynchronous operations using async/await and promises. In affected versions a bug affects two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, ...
Modern-async Project Modern-async
6.5
CVSSv3
CVE-2023-41040
GitPython is a Python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory. In some places the name of the file being read is provided by the user, and GitPython doesn't check if this file is lo...
Gitpython Project Gitpython
1 Github repository
5.5
CVSSv3
CVE-2020-10763
An information-disclosure flaw was found in the way Heketi prior to 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.
Heketi Project Heketi
Redhat Enterprise Linux 7.0
Redhat Gluster Storage 3.0
Redhat Openshift Container Platform 4.0
Redhat Gluster Storage 3.5
5.5
CVSSv3
CVE-2020-13867
Open-iSCSI targetcli-fb up to and including 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
Targetcli-fb Project Targetcli-fb
Fedoraproject Fedora 32
NA
CVE-2013-7397
Async Http Client (aka AHC or async-http-client) prior to 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle malicious users to spoof HTTPS servers by presenting an arbitrary cert...
Redhat Jboss Fuse
Async-http-client Project Async-http-client
NA
CVE-2013-7398
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) prior to 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle malicious users to spoof HTTPS servers via an a...
Async-http-client Project Async-http-client
Redhat Jboss Fuse
NA
CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress prior to 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
Wordpress Wordpress