Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security news vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2120
Google Chrome 1.0.154.48 allows remote malicious users to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
Google Chrome 1.0.154.48
10
CVSSv3
CVE-2019-5684
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.
Nvidia Gpu Driver
1 Article
9.8
CVSSv3
CVE-2019-5685
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.
Nvidia Gpu Driver
1 Article
NA
CVE-2004-1316
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and previous versions allows remote malicious users to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prev...
Mozilla Mozilla 1.7
Mozilla Mozilla 1.5
Mozilla Mozilla 1.6
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
NA
CVE-2005-1911
The fetchnews NNTP client in leafnode 1.11.2 and previous versions can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
Leafnode Leafnode 1.9.26
Leafnode Leafnode 1.9.33
Leafnode Leafnode 1.9.46
Leafnode Leafnode 1.9.22
Leafnode Leafnode 1.9.34
Leafnode Leafnode 1.9.42
Leafnode Leafnode 1.9.52
Leafnode Leafnode 1.9.20
Leafnode Leafnode 1.9.30
Leafnode Leafnode 1.9.44
Leafnode Leafnode 1.9.43
Leafnode Leafnode 1.9.48
Leafnode Leafnode 1.9.41
Leafnode Leafnode 1.9.25
Leafnode Leafnode 1.9.28
Leafnode Leafnode 1.9.19
Leafnode Leafnode 1.9.21
Leafnode Leafnode 1.9.40
Leafnode Leafnode 1.9.27
Leafnode Leafnode 1.9.31
Leafnode Leafnode 1.9.37
Leafnode Leafnode 1.9.47
NA
CVE-2024-28095
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated malicious user to perform security actions in the context of the affected users.
8.8
CVSSv3
CVE-2019-8553
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution.
Apple Iphone Os
Apple Watchos
Apple Tvos
1 Article
7.5
CVSSv3
CVE-2020-19878
DBHcms v1.2.0 has a sensitive information leaks vulnerability as there is no security access control in /dbhcms/ext/news/ext.news.be.php, A remote unauthenticated attacker can exploit this vulnerability to get path information.
Dbhcms Project Dbhcms 1.2.0
NA
CVE-2014-4274
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and previous versions and 5.6.19 and previous versions allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.
Oracle Solaris 11.3
Oracle Mysql
Mariadb Mariadb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »