Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scott vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-8863
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) prior to 1.6.21 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in ...
Libupnp Project Libupnp
Debian Debian Linux 8.0
1 Github repository
NA
CVE-2007-5904
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
Linux Linux Kernel
6.5
CVSSv3
CVE-2018-0489
Shibboleth XMLTooling-C prior to 1.6.4, as used in Shibboleth Service Provider prior to 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote malicious users to obtain sensitive information or conduct impersonation attacks via craf...
Shibboleth Xmltooling-c
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Arubanetworks Clearpass
NA
CVE-2007-3104
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry.
Linux Linux Kernel 2.6.0
NA
CVE-2007-5500
The wait_task_stopped function in the Linux kernel prior to 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party i...
Linux Linux Kernel
NA
CVE-2007-4997
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x prior to 2.6.23 allows remote malicious users to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA...
Linux Linux Kernel
NA
CVE-2001-0123
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the file parameter.
Extropia Bbs Forum.cgi 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2019-19774
An issue exists in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewin...
Zohocorp Manageengine Eventlog Analyzer
1 EDB exploit
NA
CVE-2023-48901
A SQL injection vulnerability in tramyardg Autoexpress version 1.3.0, allows remote unauthenticated malicious users to execute arbitrary SQL commands via the parameter "id" within the getPhotosByCarId function call in details.php.
NA
CVE-2023-48902
An issue exists in tramyardg autoexpress version 1.3.0, allows unauthenticated remote malicious users to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »