Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sense of security vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-10884
Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing c...
Uniqkey Password Manager 1.14
445
VMScore
CVE-2021-28117
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover prior to 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)
Kde Discover
NA
CVE-2021-3563
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integri...
Openstack Keystone
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 10.0
Redhat Openstack Platform 16.2
383
VMScore
CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affected website was subsequently l...
Qutebrowser Qutebrowser
Fedoraproject Fedora 31
Fedoraproject Fedora 32
570
VMScore
CVE-2019-19391
In LuaJIT up to and including 2.0.5, as used in Moonjit prior to 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and > options are mishandled. NOTE: T...
Luajit Luajit
Moonjit Project Moonjit
383
VMScore
CVE-2020-26961
When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potenti...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
440
VMScore
CVE-2011-0961
Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the device parameter, aka Bug ID CSCto12704.
Cisco Ciscoworks Common Services 2.2
Cisco Ciscoworks Common Services
Cisco Ciscoworks Common Services 3.0.6
Cisco Ciscoworks Common Services 3.0.4
Cisco Ciscoworks Common Services 3.2
Cisco Ciscoworks Common Services 1.0
Cisco Ciscoworks Common Services 3.1.1
Cisco Ciscoworks Common Services 3.0
Cisco Ciscoworks Common Services 3.1
Cisco Ciscoworks Common Services 3.0.3
Cisco Ciscoworks Common Services 3.0.5
2 EDB exploits
312
VMScore
CVE-2021-36563
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an malicious user to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-...
Checkmk Checkmk
1 Github repository
605
VMScore
CVE-2020-35113
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Fire...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
383
VMScore
CVE-2020-26956
In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »