Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project login security vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-5974
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote malicious users to cause a denial of service (crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.56
Zziplib Project Zziplib 0.13.57
Zziplib Project Zziplib 0.13.58
Zziplib Project Zziplib 0.13.59
Zziplib Project Zziplib 0.13.60
Zziplib Project Zziplib 0.13.61
Zziplib Project Zziplib 0.13.62
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
5.5
CVSSv3
CVE-2017-5975
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote malicious users to cause a denial of service (crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.56
Zziplib Project Zziplib 0.13.57
Zziplib Project Zziplib 0.13.58
Zziplib Project Zziplib 0.13.59
Zziplib Project Zziplib 0.13.60
Zziplib Project Zziplib 0.13.61
Zziplib Project Zziplib 0.13.62
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2013-2031
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome an...
Gentoo Linux
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.17.3
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.16.1
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.18
6.6
CVSSv3
CVE-2023-40660
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logo...
Opensc Project Opensc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
6.1
CVSSv3
CVE-2019-13038
mod_auth_mellon up to and including 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
Mod Auth Mellon Project Mod Auth Mellon
Oracle Zfs Storage Appliance Kit 8.8
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
6.5
CVSSv3
CVE-2019-20503
usrsctp prior to 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Usrsctp Project Usrsctp
1 Article
NA
CVE-2014-9029
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and previous versions allow remote malicious users to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Jasper Project Jasper
7.5
CVSSv3
CVE-2015-8270
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).
Rtmpdump Project Rtmpdump 2.4
9.8
CVSSv3
CVE-2015-8271
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
Rtmpdump Project Rtmpdump 2.4
6.5
CVSSv3
CVE-2015-8272
RTMPDump 2.4 allows remote malicious users to trigger a denial of service (NULL pointer dereference and process crash).
Rtmpdump Project Rtmpdump 2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »