Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ali vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-1419
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
Linux Linux Kernel
Linux Linux Kernel 5.6
Debian Debian Linux 10.0
3.3
CVSSv3
CVE-2022-33981
drivers/block/floppy.c in the Linux kernel prior to 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.7
CVSSv3
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Scor...
Oracle Linux 6
Oracle Linux 7
Oracle Linux 8
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2012-4993
torrent_functions.php in RivetTracker 1.03 and previous versions does not properly restrict access, which allows remote malicious users to have an unspecified impact.
Rivetcode Rivettracker
1 EDB exploit
NA
CVE-2012-4996
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and previous versions allow remote malicious users to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
Rivetcode Rivettracker 0.1
Rivetcode Rivettracker
Rivetcode Rivettracker 0.8
1 EDB exploit
6.1
CVSSv3
CVE-2018-17964
Aryanic HighPortal 12.5 has XSS via an Add Tags action.
Aryanic Highportal 12.5
NA
CVE-2015-7381
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allow remote malicious users to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different issue than CV...
Refbase Refbase
1 EDB exploit
NA
CVE-2015-7382
SQL injection vulnerability in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009.
Refbase Refbase
1 EDB exploit
NA
CVE-2008-6439
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Abledating Abledating 2.4
1 EDB exploit
NA
CVE-2015-6519
SQL injection vulnerability in Arab Portal 3 allows remote malicious users to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php.
Arabportal Arab Portal 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »