Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ali vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2022-1419
The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.
Linux Linux Kernel
Linux Linux Kernel 5.6
Debian Debian Linux 10.0
187
VMScore
CVE-2022-33981
drivers/block/floppy.c in the Linux kernel prior to 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
409
VMScore
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Scor...
Oracle Linux 6
Oracle Linux 7
Oracle Linux 8
Debian Debian Linux 11.0
1 Github repository
755
VMScore
CVE-2015-6009
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) up to and including 0.9.6 allow remote malicious users to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2...
Refbase Refbase
1 EDB exploit
505
VMScore
CVE-2009-2174
GUPnP 0.12.7 allows remote malicious users to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
Gupnp Gupnp 0.12.7
1 EDB exploit
755
VMScore
CVE-2007-2492
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.
Postnuke Software Foundation Postnuke V4bjournal Module 0.99
1 EDB exploit
755
VMScore
CVE-2015-7381
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allow remote malicious users to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different issue than CV...
Refbase Refbase
1 EDB exploit
755
VMScore
CVE-2015-7382
SQL injection vulnerability in install.php in Web Reference Database (aka refbase) up to and including 0.9.6 allows remote malicious users to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009.
Refbase Refbase
1 EDB exploit
755
VMScore
CVE-2012-4996
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and previous versions allow remote malicious users to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
Rivetcode Rivettracker 0.1
Rivetcode Rivettracker
Rivetcode Rivettracker 0.8
1 EDB exploit
435
VMScore
CVE-2006-1258
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote malicious users to inject arbitrary web script or HTML via the set_theme parameter.
Phpmyadmin Phpmyadmin 2.8.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »