Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
please project please vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39375
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards...
Glpi-project Glpi
7.5
CVSSv2
CVE-2022-24376
All versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior [vulnerability](https://security.snyk.io/vuln/SNYK-JS-GITPROMISE-567476) in this package. **Note:** Please note that the vulnerability will not be fixed. The README file...
Git-promise Project Git-promise
4
CVSSv2
CVE-2021-29501
Ticketer is a command based ticket system cog (plugin) for the red discord bot. A vulnerability allowing discord users to expose sensitive information has been found in the Ticketer cog. Please upgrade to version 1.0.1 as soon as possible. As a workaround users may unload the tic...
Dav-cogs Project Dav-cogs
10
CVSSv2
CVE-2004-0914
Multiple vulnerabilities in libXpm for 6.8.1 and previous versions, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which c...
Lesstif Lesstif 0.93.34
Lesstif Lesstif 0.93.36
X.org X11r6 6.8.1
Xfree86 Project X11r6 3.3
Xfree86 Project X11r6 4.0.2.11
Xfree86 Project X11r6 4.0.3
Xfree86 Project X11r6 4.3.0
Lesstif Lesstif 0.93.40
Lesstif Lesstif 0.93.91
Xfree86 Project X11r6 3.3.2
Xfree86 Project X11r6 3.3.3
Xfree86 Project X11r6 3.3.4
Xfree86 Project X11r6 4.1.0
Xfree86 Project X11r6 4.1.11
Lesstif Lesstif 0.93
Lesstif Lesstif 0.93.94
Lesstif Lesstif 0.93.96
Xfree86 Project X11r6 3.3.5
Xfree86 Project X11r6 3.3.6
Xfree86 Project X11r6 4.1.12
Xfree86 Project X11r6 4.2.0
Lesstif Lesstif 0.93.12
NA
CVE-2023-25076
A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a mal...
Sniproxy Project Sniproxy 0.6.1
Sniproxy Project Sniproxy 0.6.0-2
1 Github repository
NA
CVE-2022-39276
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. I...
Glpi-project Glpi
NA
CVE-2022-39353
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`, witho...
Xmldom Project Xmldom 0.9.0
Xmldom Project Xmldom
Debian Debian Linux 10.0
2 Github repositories
6.8
CVSSv2
CVE-2021-40426
A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerabi...
Libsox Project Libsox 14.4.2
5
CVSSv2
CVE-2021-4076
A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys.
Tang Project Tang
NA
CVE-2023-26042
Part-DB is an open source inventory management system for your electronic components. User input was found not being properly escaped, which allowed malicious users to inject arbitrary HTML into the pages. The Content-Security-Policy forbids inline and external scripts so it is n...
Part-db Project Part-db
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »