Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xrdp vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2017-5414
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox < 52 and Thunderbir...
Mozilla Firefox
Mozilla Thunderbird
445
VMScore
CVE-2017-5422
If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Fi...
Mozilla Firefox
Mozilla Thunderbird
668
VMScore
CVE-2017-5403
When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 52 and Thunderbird < 52.
Mozilla Thunderbird
Mozilla Firefox
383
VMScore
CVE-2017-5420
A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an malicious user to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability af...
Mozilla Firefox
445
VMScore
CVE-2017-5417
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerabi...
Mozilla Firefox
445
VMScore
CVE-2017-5426
On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to ...
Mozilla Firefox
Mozilla Thunderbird
169
VMScore
CVE-2017-5427
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This co...
Mozilla Firefox
445
VMScore
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
755
VMScore
CVE-2017-5404
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52...
Debian Debian Linux 9.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 6.0
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
1 EDB exploit
383
VMScore
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit poli...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »