Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monkey vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication
Monkey-project Monkey 1.2.1
4.7
CVSSv2
CVE-2012-4442
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
Monkey-project Monkey 0.9.3
7.5
CVSSv2
CVE-2007-2105
Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.
Monkey Cms Monkey Cms 0.0.3
NA
CVE-2023-28413
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and previous versions allows a remote unauthenticated malicious user to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
Snow Monkey Forms Project Snow Monkey Forms
5.8
CVSSv2
CVE-2017-7266
Netflix Security Monkey prior to 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
Netflix Security Monkey
5
CVSSv2
CVE-2020-2322
Jenkins Chaos Monkey Plugin 0.3 and previous versions does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.
Netflix Chaos Monkey
5
CVSSv2
CVE-2020-2323
Jenkins Chaos Monkey Plugin 0.4 and previous versions does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.
Netflix Chaos Monkey
3.7
CVSSv2
CVE-2009-0415
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path.
Monkey Trickle 1.07
NA
CVE-2023-32623
Directory traversal vulnerability in Snow Monkey Forms v5.1.1 and previous versions allows a remote unauthenticated malicious user to delete arbitrary files on the server.
2inc Snow Monkey Forms
5
CVSSv2
CVE-2006-6113
Monkey Boards 0.3.5 allows remote malicious users to obtain sensitive information via direct requests to (1) include/admin_auth.inc.php and (2) include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administ...
James Greenwood Monkey Boards 0.3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »