Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nathan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1528
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS el...
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 14.04
Opensuse Project Opensuse 12.3
Opensuse Opensuse 13.1
Oracle Solaris 11.3
Mozilla Firefox 28.0
Mozilla Seamonkey 2.25
Fedoraproject Fedora 19
NA
CVE-2014-1526
The XrayWrapper implementation in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 allows user-assisted remote malicious users to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 19
NA
CVE-2014-1525
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (use...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 19
NA
CVE-2014-1492
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) prior to 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the...
Mozilla Network Security Services 3.11.2
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.12.5
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.15
Mozilla Network Security Services 3.11.4
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.14.1
Mozilla Network Security Services 3.7.5
Mozilla Network Security Services 3.7.1
Mozilla Network Security Services 3.12.9
Mozilla Network Security Services 3.15.3
Mozilla Network Security Services 3.12.3.1
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.12.6
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.12.8
Mozilla Network Security Services
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.12.11
Mozilla Network Security Services 3.14.3
Mozilla Network Security Services 3.14.4
7.5
CVSSv3
CVE-2022-40303
An issue exists in libxml2 prior to 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
Xmlsoft Libxml2
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp Netapp Manageability Sdk -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2022-40304
An issue exists in libxml2 prior to 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Xmlsoft Libxml2
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Snapmanager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
NA
CVE-2005-1492
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Gossamer Threads Gossamer Threads Links 2.0
Gossamer Threads Gossamer Threads Links 2.2.0
Gossamer Threads Gossamer Threads Links-sql 3.0
1 EDB exploit
8.8
CVSSv3
CVE-2023-46214
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk E...
Splunk Cloud
Splunk Splunk
1 Github repository
NA
CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and previous versions, as used in WordPress prior to 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote malicious users to inject arbitrary web script or HTML via the movieName paramet...
Wordpress Wordpress 3.0.5
Swfupload Project Swfupload 2.0.2
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.0
Wordpress Wordpress 3.2
Swfupload Project Swfupload 2.2.0
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.1.3
Swfupload Project Swfupload 2.1.0
Tinymce Image Manager 1.1
Wordpress Wordpress
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.0.6
Swfupload Project Swfupload
Wordpress Wordpress 3.1.1
Wordpress Wordpress -
Wordpress Wordpress 3.3
Wordpress Wordpress 3.0.3
1 EDB exploit
2 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3