login security project vulnerabilities and exploits
NA
CVE-2012-2841
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote malicious users to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, lea...
Libexif Project Libexif 0.6.20
NA
CVE-2012-2814
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
Libexif Project Libexif 0.6.20
7.5
CVSSv3
CVE-2021-36369
An issue exists in Dropbear up to and including 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security mea...
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 10.0
2 Github repositories
7.5
CVSSv3
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
NA
CVE-2011-4599
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) prior to 49.1 allows remote malicious users to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
Icu-project International Components For Unicode
6.4
CVSSv3
CVE-2023-40661
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and ...
Opensc Project Opensc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
9.8
CVSSv3
CVE-2021-42169
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23) is vulnerable to remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no se...
Simple Payroll System With Dynamic Tax Bracket Project Simple Payroll System With Dynamic Tax Bracket 1.0
NA
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Jasper Project Jasper 1.900.1
6.1
CVSSv3
CVE-2019-13038
mod_auth_mellon up to and including 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
Mod Auth Mellon Project Mod Auth Mellon
Oracle Zfs Storage Appliance Kit 8.8
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10