Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plus vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-40036
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocati...
Notepad-plus-plus Notepad\\+\\+
1 Github repository
5.5
CVSSv3
CVE-2023-40164
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation info...
Notepad-plus-plus Notepad\\+\\+
1 Github repository
5.5
CVSSv3
CVE-2023-40166
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining `. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory alloc...
Notepad-plus-plus Notepad\\+\\+
1 Github repository
6.5
CVSSv3
CVE-2022-31901
Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and previous versions allows malicious users to crash the application via two crafted files.
Notepad-plus-plus Notepad\\+\\+
1 Github repository
5.5
CVSSv3
CVE-2022-31902
Notepad++ v8.4.1 exists to contain a stack overflow via the component Finder::add().
Notepad-plus-plus Notepad\\+\\+
1 Github repository
NA
CVE-2006-7001
Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the L parameter, a different issue than CVE-2006-5897. NOTE: the provenance of this information is unknown; the ...
Phpmychat Plus Phpmychat Plus
4.3
CVSSv3
CVE-2019-17112
An issue exists in Zoho ManageEngine DataSecurity Plus prior to 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).
Zohocorp Manageengine Datasecurity Plus 4.0
Zohocorp Manageengine Datasecurity Plus 4.1
Zohocorp Manageengine Datasecurity Plus 4.2
Zohocorp Manageengine Datasecurity Plus 4.3
Zohocorp Manageengine Datasecurity Plus 5.0
4.9
CVSSv3
CVE-2023-29443
Zoho ManageEngine ServiceDesk Plus prior to 14105, ServiceDesk Plus MSP prior to 14200, SupportCenter Plus prior to 14200, and AssetExplorer prior to 6989 allow SDAdmin malicious users to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration...
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Servicedesk Plus 14.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus Msp 14.0
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 14.0
Zohocorp Manageengine Supportcenter Plus
NA
CVE-2008-3433
SpeedBit Download Accelerator Plus (DAP) prior to 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Speedbit Download Accelerator Plus 8.1
Speedbit Download Accelerator Plus
Speedbit Download Accelerator Plus 8.0
Speedbit Download Accelerator Plus 8.5
5.5
CVSSv3
CVE-2023-6105
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt prod...
Zohocorp Manageengine Mobile Device Manager Plus 10.1.2207.4
Zohocorp Manageengine Appcreator
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Endpoint Central Msp
Zohocorp Manageengine Endpoint Central
Zohocorp Manageengine Remote Monitoring And Management
Zohocorp Manageengine Os Deployer
Zohocorp Manageengine Remote Access Plus
Zohocorp Manageengine Mobile Device Manager Plus
Zohocorp Manageengine Application Control Plus
Zohocorp Manageengine Vulnerability Manager Plus
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Patch Manager Plus
Zohocorp Manageengine Device Control Plus
Zohocorp Manageengine Endpoint Dlp Plus
Zohocorp Manageengine Adselfservice Plus 6.3
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
Zohocorp Manageengine Adaudit Plus 7.2
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Cloud Security Plus 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »