Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-10933
An issue exists in Ruby 2.5.x up to and including 2.5.7, 2.6.x up to and including 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the bu...
Ruby-lang Ruby
Ruby-lang Ruby 2.7.0
Fedoraproject Fedora 31
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-10663
The JSON gem up to and including 2.2.0 for Ruby, as used in Ruby 2.4 up to and including 2.4.9, 2.5 up to and including 2.5.7, and 2.6 up to and including 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage...
Json Project Json
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Apple Macos 11.0.1
7 Github repositories
5
CVSSv2
CVE-2020-1967
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or u...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Mysql Enterprise Monitor
Oracle Mysql Workbench
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.3.0.0
Oracle Mysql Connectors
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Server 12.1.3
7 Github repositories
1 Article
5
CVSSv2
CVE-2019-1551
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult ...
Openssl Openssl
Opensuse Leap 15.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql Enterprise Monitor
Oracle Enterprise Manager Ops Center 12.4.0.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Tenable Log Correlation Engine
5
CVSSv2
CVE-2019-16254
Ruby up to and including 2.4.7, 2.5.x up to and including 2.5.6, and 2.6.x up to and including 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a he...
Ruby-lang Ruby
Debian Debian Linux 8.0
5
CVSSv2
CVE-2016-10707
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.
Jquery Jquery 3.0.0
2 Github repositories
5
CVSSv2
CVE-2017-1000170
jqueryFileTree 2.1.5 and older Directory Traversal
Jqueryfiletree Project Jqueryfiletree
1 Github repository
5
CVSSv2
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
5
CVSSv2
CVE-2016-4447
The xmlParseElementDecl function in parser.c in libxml2 prior to 2.9.4 allows context-dependent malicious users to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
Hp Icewall Federation Agent 3.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Apple Itunes 12.4.1
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Mac Os X
Xmlsoft Libxml2
Mcafee Web Gateway
5
CVSSv2
CVE-2015-1840
jquery_ujs.js in jquery-rails prior to 3.1.3 and 4.x prior to 4.0.4 and rails.js in jquery-ujs prior to 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote malicious users to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Rubyonrails Jquery-rails 4.0.0
Rubyonrails Jquery-rails
Rubyonrails Jquery-rails 4.0.1
Rubyonrails Jquery-ujs
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »