Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tom vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-0766
PostgreSQL prior to 9.1.20, 9.2.x prior to 9.2.15, 9.3.x prior to 9.3.11, 9.4.x prior to 9.4.6, and 9.5.x prior to 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows malicious users to gain privileges via unspecif...
Postgresql Postgresql 9.5
Postgresql Postgresql
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
NA
CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 up to and including 3.8.2, 3.9, and 4.0 allow context-dependent malicious users to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buff...
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.8.2
Libtiff Libtiff 4.0
Libtiff Libtiff 3.9
9.8
CVSSv3
CVE-2022-29917
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
6.5
CVSSv3
CVE-2020-1720
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading t...
Postgresql Postgresql
Redhat Decision Manager 7.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
NA
CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x prior to 4.1.20 and 5.0.x prior to 5.0.22 allows context-dependent malicious users to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the m...
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.0
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 5.0.3
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.20
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Mysql Mysql 4.1.2
Oracle Mysql 4.1.1
Oracle Mysql 4.1.4
NA
CVE-2002-1235
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and previous versions, (2) kadmind in KTH Kerberos 4 (eBones) prior to 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) prior to 0.5.1 when comp...
Mit Kerberos 5
Kth Kth Kerberos 4
Kth Kth Kerberos 5
Debian Debian Linux 3.0
NA
CVE-2005-2871
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and previous versions, and Netscape 8.0.3.3 and 7.2, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft&q...
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.6
1 EDB exploit
2.2
CVSSv3
CVE-2019-10209
Postgresql, versions 11.x prior to 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
Postgresql Postgresql
NA
CVE-2008-1233
Unspecified vulnerability in Mozilla Firefox prior to 2.0.0.13, Thunderbird prior to 2.0.0.13, and SeaMonkey prior to 1.1.9 allows remote malicious users to execute arbitrary code via "XPCNativeWrapper pollution."
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
NA
CVE-2008-1234
Cross-site scripting (XSS) vulnerability in Mozilla Firefox prior to 2.0.0.13, Thunderbird prior to 2.0.0.13, and SeaMonkey prior to 1.1.9 allows remote malicious users to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »