Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
user access manager project user access manager vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-8763
DokuWiki prior to 2014-05-05b, when using Active Directory for LDAP authentication, allows remote malicious users to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind.
Dokuwiki Dokuwiki
Mageia Project Mageia 3.0
Mageia Project Mageia 4.0
445
VMScore
CVE-2014-8764
DokuWiki 2014-05-05a and previous versions, when using Active Directory for LDAP authentication, allows remote malicious users to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
Mageia Project Mageia 3.0
Mageia Project Mageia 4.0
Dokuwiki Dokuwiki
685
VMScore
CVE-2007-5694
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491.
Sitebar Sitebar 3.3.8
1 EDB exploit
294
VMScore
CVE-2020-28049
An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...
Sddm Project Sddm
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
NA
CVE-2024-3749
The SP Project & Document Manager WordPress plugin up to and including 4.71 lacks proper access controllers and allows a logged in user to view and download files belonging to another user
NA
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz up to and including 6.0.0 allows malicious users to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Harfbuzz Project Harfbuzz
Fedoraproject Fedora 36
890
VMScore
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Nagios Nagios
Wordpress Wordpress
641
VMScore
CVE-2008-2812
The Linux kernel prior to 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Novell Linux Desktop 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Debian Debian Linux 4.0
Avaya Message Networking 3.1
Avaya Sip Enablement Services 4.0
Avaya Messaging Storage Server 4.0
Avaya Proactive Contact 4.0
Avaya Meeting Exchange 5.0
Avaya Expanded Meet-me Conferencing
Avaya Intuity Audix Lx 2.0
Avaya Sip Enablement Services -
Avaya Communication Manager
726
VMScore
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
Polkit Project Polkit
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
282 Github repositories
1 Article
593
VMScore
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »