Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file reporter vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-5637
The restore_tqb_pixels function in libbpg 0.9.5 up to and including 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a &qu...
Libbpg Project Libbpg
5
CVSSv2
CVE-2017-8952
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Hp Sitescope 11.22
Hp Sitescope 11.23
Hp Sitescope 11.24
Hp Sitescope 11.24.391
Hp Sitescope 11.21
Hp Sitescope 11.30
Hp Sitescope 11.31
Hp Sitescope 11.33
Hp Sitescope 11.20
Hp Sitescope 11.30.521
Hp Sitescope 11.32
5
CVSSv2
CVE-2015-7190
The Search feature in Mozilla Firefox prior to 42.0 on Android up to and including 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows malicious users to read log files ...
Mozilla Firefox
5
CVSSv2
CVE-2011-3744
HTML Purifier 4.2.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files.
Htmlpurifier Html Purifier 4.2.0
5
CVSSv2
CVE-2011-2750
NFRAgent.exe in Novell File Reporter 1.0.4.2 and previous versions allows remote malicious users to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD.
Novell File Reporter 1.0.2
Novell File Reporter
Novell File Reporter 1.0.1.1
Novell File Reporter 1.0.1
4.9
CVSSv2
CVE-2020-8834
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can caus...
Linux Linux Kernel -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
4.8
CVSSv2
CVE-2017-3209
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides...
Dbpower U818a Firmware -
4.6
CVSSv2
CVE-2021-42762
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit prior to 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem na...
Webkitgtk Webkitgtk
Wpewebkit Wpe Webkit
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.6
CVSSv2
CVE-2021-41133
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host...
Flatpak Flatpak
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.6
CVSSv2
CVE-2017-8951
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Hp Sitescope 11.24.391
Hp Sitescope 11.30
Hp Sitescope 11.30.521
Hp Sitescope 11.31
Hp Sitescope 11.32
Hp Sitescope 11.21
Hp Sitescope 11.23
Hp Sitescope 11.33
Hp Sitescope 11.20
Hp Sitescope 11.22
Hp Sitescope 11.24
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »