Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nine:situations:group vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1516
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent malicious users to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly de...
Icewarp Merak Mail Server 9.4.1
1 EDB exploit
NA
CVE-2008-6748
Eval injection vulnerability in Megacubo 5.0.7 allows remote malicious users to inject and execute arbitrary PHP code via the play action in a mega:// URI.
Megacubo Megacubo 5.0.7
2 EDB exploits
NA
CVE-2009-1282
SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the glf_session cookie parameter.
Glfusion Glfusion 1.0.1
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.1.0
Glfusion Glfusion
1 EDB exploit
NA
CVE-2009-1283
glFusion prior to 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote malicious users to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be lev...
Glfusion Glfusion 1.1.0
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.0.1
Glfusion Glfusion 1.0.2
Glfusion Glfusion 1.1.1
Glfusion Glfusion
1 EDB exploit
NA
CVE-2009-1281
Cross-site scripting (XSS) vulnerability in glFusion prior to 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Glfusion Glfusion 1.1.1
Glfusion Glfusion 1.0.0
Glfusion Glfusion 1.0.1
Glfusion Glfusion
Glfusion Glfusion 1.1.0
1 EDB exploit
NA
CVE-2009-1068
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and previous versions allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
Bsplayer Bs.player 2.32
Bsplayer Bs.player 2.34
2 EDB exploits
NA
CVE-2009-1087
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and previous versions allow remote malicious users to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: so...
Pplive Pplive
Pplive Pplive 1.9.15
1 EDB exploit
NA
CVE-2009-1092
Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote malicious users to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
Geovision Liveaudio Activex Control 7.0
1 EDB exploit
NA
CVE-2009-1039
Buffer overflow in CDex 1.70b2 allows remote malicious users to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.
Cdexos Cdex 170b2
1 EDB exploit
NA
CVE-2009-0865
Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the ...
Geovision Livex Activex Control 8.1.2.0
Geovision Livex Activex Control 8.2.0.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »