Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coresecurity.com vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-2336
The forgotten mail interface in WordPress and WordPress MU prior to 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames. NOTE: the vendor reportedly disputes the si...
Wordpress Wordpress
Wordpress Wordpress Mu
NA
CVE-2009-23363
Core Security Technologies Advisory - A vulnerability was found in the way that WordPress handles some URL requests. This results in unprivileged users viewing the content of plugins configuration pages, and also in some plugins modifying plugin options and injecting JavaScript c...
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
4.3
CVSSv2
CVE-2007-5266
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng prior to 1.0.29 beta1 and 1.2.x prior to 1.2.21 beta1 allows remote malicious users to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being...
Libpng Libpng
NA
CVE-2009-09493
Core Security Technologies Advisory - CUPS versions 1.3.9 and below suffer from a handling flaw of the IPP_TAG_UNSUPPORTED tag that allows attackers to cause a remote pre-authentication denial of service.
NA
CVE-2009-42383
Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.
5.8
CVSSv2
CVE-2007-4901
The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML functionality for incoming instant messages, which allows remote malicious users ...
Aol Aim Lite
Aol Aim Pro
Aol Instant Messenger 6.2.32.1
NA
CVE-2009-25343
Core Security Technologies Advisory - The Real Helix DNA RTSP and SETUP request handler suffers from multiple denial of service vulnerabilities.
NA
CVE-2009-26203
Core Security Technologies Advisory - A remote denial of service vulnerability has been found in Firebird SQL, which can be exploited by a remote attacker to force the server to close the socket where it is listening for incoming connections and to enter an infinite loop, by send...
4.3
CVSSv2
CVE-2009-2897
Multiple cross-site scripting (XSS) vulnerabilities in hq/web/common/GenericError.jsp in the generic exception handler in the web interface in SpringSource Hyperic HQ 3.2.x prior to 3.2.6.1, 4.0.x prior to 4.0.3.1, 4.1.x prior to 4.1.2.1, and 4.2-beta1; Application Management Sui...
Springsource Tc Server 6.0.20
Springsource Hyperic Hq 3.2.0
Springsource Hyperic Hq 4.0.0
Springsource Hyperic Hq 4.2
Springsource Hyperic Hq 3.2
Springsource Hyperic Hq 3.2.2
Springsource Hyperic Hq 3.2.5
Springsource Hyperic Hq 4.1.1
Springsource Application Management Suite 2.0.0
Springsource Hyperic Hq 3.2.1
Springsource Hyperic Hq 3.2.3
Springsource Hyperic Hq 4.1.2
Springsource Hyperic Hq 4.0.2
Springsource Hyperic Hq 4.1.0
Springsource Hyperic Hq 3.2.6
Springsource Hyperic Hq 4.0.1
Springsource Hyperic Hq 4.0.3
Springsource Hyperic Hq 3.2.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »