Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
daniel a. vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2017-7526
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computatio...
Gnupg Libgcrypt
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2023-38382
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a up to and including 2.7...
Subscribe To Category Project Subscribe To Category
668
VMScore
CVE-2005-1175
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
Mit Kerberos 5 1.3.4
Mit Kerberos 5 1.3.5
Mit Kerberos 5 1.3.6
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
570
VMScore
CVE-2008-4392
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote malicious users to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority...
D.j.bernstein Djbdns 1.05
1 Github repository
470
VMScore
CVE-2001-0623
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local malicious users to gain privileges.
Sendfile Sendfile
2 EDB exploits
571
VMScore
CVE-2012-1191
The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain names via a &...
D.j.bernstein Djbdns 1.05
4 Github repositories
585
VMScore
CVE-2009-0858
The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and previous versions does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses...
D.j.bernstein Djbdns
1 EDB exploit
169
VMScore
CVE-2015-7511
Libgcrypt prior to 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate malicious users to extract ECDH keys by measuring electromagnetic emanations.
Gnupg Libgcrypt
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
1 Article
NA
CVE-2023-23595
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versi...
Bluecatnetworks Device Registration Portal 2.2
1 Github repository
445
VMScore
CVE-2010-1624
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
Pidgin Pidgin
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »