Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r project vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc...
Shadow Project Shadow 4.13
6.1
CVSSv3
CVE-2013-2294
Multiple cross-site scripting (XSS) vulnerabilities in ViewGit prior to 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php...
Viewgit Project Viewgit
1 EDB exploit
7.5
CVSSv3
CVE-2022-24884
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge ...
Ecdsautils Project Ecdsautils
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2013-4730
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote malicious users to execute arbitrary code via a long string in a USER command.
Pcman\\'s Ftp Server Project Pcman\\'s Ftp Server 2.0.7
11 EDB exploits
2 Github repositories
7.8
CVSSv3
CVE-2021-33137
Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Kernelflinger
9.8
CVSSv3
CVE-2021-22289
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network malicious user to execute code.
Br-automation Studio
7.5
CVSSv3
CVE-2023-0457
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated malicious user to disclose plaintext credentials stored in project files and login into FTP...
Mitsubishielectric Fx5uc-32mr\\/ds-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/d Firmware
Mitsubishielectric Fx5uc-32mt\\/dss Firmware
Mitsubishielectric Fx5uc-32mt\\/dss-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/ds-ts Firmware
Mitsubishielectric Fx5uc-64mt\\/d Firmware
Mitsubishielectric Fx5uc-64mt\\/dss Firmware
Mitsubishielectric Fx5uc-96mt\\/d Firmware
Mitsubishielectric Fx5uc-96mt\\/dss Firmware
Mitsubishielectric Fx5uj-24mr\\/es Firmware
Mitsubishielectric Fx5uj-24mr\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/es Firmware
Mitsubishielectric Fx5uj-24mt\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/ess Firmware
Mitsubishielectric Fx5uj-40mr\\/es Firmware
Mitsubishielectric Fx5uj-40mr\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/es Firmware
Mitsubishielectric Fx5uj-40mt\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/ess Firmware
Mitsubishielectric Fx5uj-60mr\\/es Firmware
Mitsubishielectric Fx5uj-60mr\\/es-a Firmware
Mitsubishielectric Fx5uj-60mt\\/es Firmware
5.5
CVSSv3
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
3.3
CVSSv3
CVE-2022-41954
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r...
Mpxj Mpxj
NA
CVE-2009-4307
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel prior to 2.6.32-git6 allows user-assisted remote malicious users to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG gro...
Linux Linux Kernel 2.6.27.29
Linux Linux Kernel 2.6.27.12
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.6.20.9
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.22.15
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.39
Linux Linux Kernel 2.6.27.3
Linux Linux Kernel 2.6.31
Linux Linux Kernel 2.6.29.3
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.27.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.27.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »