Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ask vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4516
Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x prior to 6.x-2.0, a module for Drupal, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nanwich Faq Ask 5.x-1.0
Nanwich Faq Ask 6.x-1.0
Nanwich Faq Ask 6.x-1.1
Nanwich Faq Ask 6.x-1.2
Nanwich Faq Ask 6.x-1.x
Nanwich Faq Ask 6.x-2.0
Nanwich Faq Ask 6.x-2.x
Nanwich Faq Ask 5.x-1.1
Nanwich Faq Ask 5.x-1.2
Nanwich Faq Ask 5.x-1.3
Nanwich Faq Ask 5.x-1.x
5
CVSSv2
CVE-2008-3187
zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package data corruption) via a spoofed key.
Opensuse Zypper 11.0
Opensuse Zypper 10.2
Opensuse Zypper 10.3
4.3
CVSSv2
CVE-2009-4534
Open redirect vulnerability in the FAQ Ask module 5.x and 6.x prior to 6.x-2.0, a module for Drupal, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Nanwich Faq Ask 6.x-1.2
Nanwich Faq Ask 6.x-1.1
Nanwich Faq Ask 6.x-1.0
Nanwich Faq Ask 6.x-1.0-beta1
Nanwich Faq Ask 6.x-2.0-alpha1
Nanwich Faq Ask 6.x-1.x-dev
Nanwich Faq Ask 5.x-1.2
Nanwich Faq Ask 5.x-1.x-dev
Nanwich Faq Ask 5.x-1.0
Nanwich Faq Ask 5.x-1.0-beta4
Nanwich Faq Ask 5.x-1.0-beta3
Nanwich Faq Ask 5.x-1.0-beta2
Nanwich Faq Ask
Nanwich Faq Ask 5.x-1.3
Nanwich Faq Ask 5.x-1.1
Nanwich Faq Ask 5.x-1.0-beta1
6.8
CVSSv2
CVE-2009-4517
Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module 5.x and 6.x prior to 6.x-2.0, a module for Drupal, allows remote malicious users to hijack the authentication of arbitrary users for requests that access unpublished content.
Nanwich Faq Ask 5.x-1.0
Nanwich Faq Ask 5.x-1.2
Nanwich Faq Ask 6.x-1.x
Nanwich Faq Ask 6.x-2.x
Nanwich Faq Ask 5.x-1.x
Nanwich Faq Ask 6.x-1.0
Nanwich Faq Ask 6.x-1.1
Nanwich Faq Ask 5.x-1.1
Nanwich Faq Ask 5.x-1.3
Nanwich Faq Ask 6.x-1.2
Nanwich Faq Ask 6.x-2.0
2.1
CVSSv2
CVE-2018-6617
Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows malicious users to change passwords of arbitrary database users by leveraging failure to ask for the current password.
Ehcp Easy Hosting Control Panel 0.37.12.b
5
CVSSv2
CVE-2021-22926
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask f...
Haxx Curl
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Siemens Sinec Infrastructure Network Services
Netapp H300s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
3.5
CVSSv2
CVE-2015-4395
The HybridAuth Social Login module 7.x-2.x prior to 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote authenticated users with certain permissions to obtain sensitive information ...
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.1
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.2
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.3
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.4
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.9
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.0
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.5
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.7
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.6
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.8
NA
CVE-2023-30603
Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remote attackers can exploit this vulnerability to obtain the administrator’s p...
Hitrontech Coda-5310 Firmware 7.2.4.7.1b3
7.6
CVSSv2
CVE-2021-41066
An issue exists in Listary up to and including 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself (it will bypass UAC protection; there is no privilege validation of the current user...
Bopsoft Listary
6.8
CVSSv2
CVE-2008-5749
Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote malicious users to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user per...
Google Chrome 1.0.154.36
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »