Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-14524
An issue exists in Schism Tracker up to and including 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
Schismtracker Schism Tracker
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
4.9
CVSSv3
CVE-2019-14525
In Octopus Deploy 2019.4.0 up to and including 2019.6.x prior to 2019.6.6, and 2019.7.x prior to 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call.
Octopus Octopus Deploy
Octopus Octopus Server
7.8
CVSSv3
CVE-2019-14528
GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/scanner.l via crafted COBOL source code.
Gnucobol Project Gnucobol 2.2
9.8
CVSSv3
CVE-2019-14531
An issue exists in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.
Sleuthkit The Sleuth Kit 4.6.6
NA
CVE-2009-4378
The IPMI dissector in Wireshark 1.2.0 up to and including 1.2.4 on Windows allows remote malicious users to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.0
9.8
CVSSv3
CVE-2019-14532
An issue exists in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.
Sleuthkit The Sleuth Kit 4.6.6
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
NA
CVE-2009-4382
Cross-site scripting (XSS) vulnerability in module.php in PHPFABER CMS, possibly 1.3.36, allows remote malicious users to inject arbitrary web script or HTML via the mod parameter.
Phpfaber Phpfaber Content Management System 1.3.36
1 EDB exploit
5.5
CVSSv3
CVE-2019-14534
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2009-4384
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote malicious users to inject arbitrary web script or HTML via the (1) pid parameter in a code action to index.php and the (2) uid parameter in a view action to profile.php.
Scriptsez Ez Poll Hoster
1 EDB exploit
7.8
CVSSv3
CVE-2019-14535
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 10.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »