Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security news vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-1941
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulne...
Cisco Identity Services Engine 2.4.0
Cisco Identity Services Engine
Cisco Identity Services Engine 2.4\\(0.902\\)
Cisco Identity Services Engine 2.5\\(0.225\\)
1 Article
9.8
CVSSv3
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
NA
CVE-2010-2120
Google Chrome 1.0.154.48 allows remote malicious users to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
Google Chrome 1.0.154.48
10
CVSSv3
CVE-2019-5684
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.
Nvidia Gpu Driver
1 Article
9.8
CVSSv3
CVE-2019-5685
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.
Nvidia Gpu Driver
1 Article
NA
CVE-2004-1316
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and previous versions allows remote malicious users to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prev...
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Mozilla
Mozilla Mozilla 1.3
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
Mozilla Mozilla 1.7.1
NA
CVE-2005-1911
The fetchnews NNTP client in leafnode 1.11.2 and previous versions can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
Leafnode Leafnode 1.9.29
Leafnode Leafnode 1.9.30
Leafnode Leafnode 1.9.31
Leafnode Leafnode 1.9.32
Leafnode Leafnode 1.9.46
Leafnode Leafnode 1.9.47
Leafnode Leafnode 1.9.48
Leafnode Leafnode 1.9.52
Leafnode Leafnode 1.9.20
Leafnode Leafnode 1.9.21
Leafnode Leafnode 1.9.22
Leafnode Leafnode 1.9.23
Leafnode Leafnode 1.9.24
Leafnode Leafnode 1.9.37
Leafnode Leafnode 1.9.38
Leafnode Leafnode 1.9.39
Leafnode Leafnode 1.9.40
Leafnode Leafnode 1.11.1
Leafnode Leafnode 1.9.25
Leafnode Leafnode 1.9.27
Leafnode Leafnode 1.9.34
Leafnode Leafnode 1.9.36
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
NA
CVE-2024-28095
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated malicious user to perform security actions in the context of the affected users.
7.5
CVSSv3
CVE-2020-19878
DBHcms v1.2.0 has a sensitive information leaks vulnerability as there is no security access control in /dbhcms/ext/news/ext.news.be.php, A remote unauthenticated attacker can exploit this vulnerability to get path information.
Dbhcms Project Dbhcms 1.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »