Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
report project report vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications...
Express Handlebars Project Express Handlebars
9.8
CVSSv3
CVE-2023-1468
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report H...
Student Study Center Desk Management System Project Student Study Center Desk Management System 1.0
2.6
CVSSv3
CVE-2021-21416
django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration before 3.1.2, the base user-account registration view did not properl...
Django-registration Project Django-registration
NA
CVE-2012-5536
A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or p...
Redhat Enterprise Linux 6.0
Fedora Project Fedora Release Rawhide -
8.8
CVSSv3
CVE-2019-17590
The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineer...
Csrf Magic Project Csrf Magic
NA
CVE-2013-2037
httplib2 0.7.2, 0.8, and previous versions, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Httplib2 Project Httplib2
Httplib2 Project Httplib2 0.8
7
CVSSv3
CVE-2018-1122
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function...
Procps-ng Project Procps-ng
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
NA
CVE-2012-5958
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) prior to 1.6.18 allows remote malicious users to execute arbitrary code via a UDP p...
Libupnp Project Libupnp 1.6.12
Libupnp Project Libupnp 1.6.11
Libupnp Project Libupnp 1.6.4
Libupnp Project Libupnp 1.6.3
Libupnp Project Libupnp 1.4.3
Libupnp Project Libupnp 1.4.2
Libupnp Project Libupnp 1.6.16
Libupnp Project Libupnp 1.6.15
Libupnp Project Libupnp 1.6.8
Libupnp Project Libupnp 1.6.7
Libupnp Project Libupnp 1.6.0
Libupnp Project Libupnp 1.4.7
Libupnp Project Libupnp 1.6.14
Libupnp Project Libupnp 1.6.13
Libupnp Project Libupnp 1.6.6
Libupnp Project Libupnp 1.6.5
Libupnp Project Libupnp 1.4.6
Libupnp Project Libupnp 1.4.5
Libupnp Project Libupnp 1.4.4
Libupnp Project Libupnp
Libupnp Project Libupnp 1.6.10
Libupnp Project Libupnp 1.6.9
1 EDB exploit
1 Github repository
4.7
CVSSv3
CVE-2020-8833
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron script...
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Apport Project Apport -
NA
CVE-2012-5959
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) prior to 1.6.18 allows remote malicious users to execute arbitrary code via a long ...
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.11
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.10
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.2
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.1
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.2
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.1
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.15
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.14
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.6
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.5
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.6
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.5
Portable Sdk For Upnp Project Portable Sdk For Upnp
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.16
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.9
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.8
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.7
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.0
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.7
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.4.0
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.13
Portable Sdk For Upnp Project Portable Sdk For Upnp 1.6.12
1 EDB exploit
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »