Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31901
Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and previous versions allows malicious users to crash the application via two crafted files.
Notepad-plus-plus Notepad\\+\\+
1 Github repository
NA
CVE-2022-31902
Notepad++ v8.4.1 exists to contain a stack overflow via the component Finder::add().
Notepad-plus-plus Notepad\\+\\+
1 Github repository
NA
CVE-2022-32168
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.
Notepad-plus-plus Notepad\\+\\+
NA
CVE-2023-40031
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing version...
Notepad-plus-plus Notepad\\+\\+
2 Github repositories
NA
CVE-2023-40164
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation info...
Notepad-plus-plus Notepad\\+\\+
1 Github repository
NA
CVE-2023-40166
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining `. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory alloc...
Notepad-plus-plus Notepad\\+\\+
1 Github repository
4
CVSSv2
CVE-2019-17112
An issue exists in Zoho ManageEngine DataSecurity Plus prior to 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).
Zohocorp Manageengine Datasecurity Plus 4.0
Zohocorp Manageengine Datasecurity Plus 4.1
Zohocorp Manageengine Datasecurity Plus 4.2
Zohocorp Manageengine Datasecurity Plus 4.3
Zohocorp Manageengine Datasecurity Plus 5.0
NA
CVE-2023-29443
Zoho ManageEngine ServiceDesk Plus prior to 14105, ServiceDesk Plus MSP prior to 14200, SupportCenter Plus prior to 14200, and AssetExplorer prior to 6989 allow SDAdmin malicious users to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration...
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Servicedesk Plus 14.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus Msp 14.0
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 14.0
Zohocorp Manageengine Supportcenter Plus
7.5
CVSSv2
CVE-2008-3433
SpeedBit Download Accelerator Plus (DAP) prior to 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Speedbit Download Accelerator Plus 8.1
Speedbit Download Accelerator Plus
Speedbit Download Accelerator Plus 8.0
Speedbit Download Accelerator Plus 8.5
4.3
CVSSv2
CVE-2022-27103
element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.
Element-plus Element-plus 2.0.5
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »