Vulmon
report project report vulnerabilities and exploits
6.8
CVSSv3
CVE-2021-32817
express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potent...
Express Handlebars Project Express Handlebars
8.6
CVSSv3
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications...
Express Handlebars Project Express Handlebars
9.8
CVSSv3
CVE-2024-5636
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launc...
Bakery Online Ordering System Project Bakery Online Ordering System 1.0
9.8
CVSSv3
CVE-2023-1468
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report H...
Student Study Center Desk Management System Project Student Study Center Desk Management System 1.0
2.6
CVSSv3
CVE-2021-21416
django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration before 3.1.2, the base user-account registration view did not properl...
Django-registration Project Django-registration
7
CVSSv3
CVE-2018-1122
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function...
Procps-ng Project Procps-ng
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
NA
CVE-2012-5536
A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or p...
Redhat Enterprise Linux 6.0
Fedora Project Fedora Release Rawhide -
NA
CVE-2013-2037
httplib2 0.7.2, 0.8, and previous versions, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Httplib2 Project Httplib2
Httplib2 Project Httplib2 0.8
8.8
CVSSv3
CVE-2019-17590
The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineer...
Csrf Magic Project Csrf Magic
NA
CVE-2012-5958
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) prior to 1.6.18 allows remote malicious users to execute arbitrary code via a UDP p...
Libupnp Project Libupnp 1.6.1
Libupnp Project Libupnp 1.4.4
Libupnp Project Libupnp 1.6.6
Libupnp Project Libupnp 1.6.12
Libupnp Project Libupnp 1.6.16
Libupnp Project Libupnp 1.4.7
Libupnp Project Libupnp 1.6.5
Libupnp Project Libupnp 1.6.9
Libupnp Project Libupnp 1.6.14
Libupnp Project Libupnp 1.4.5
Libupnp Project Libupnp 1.6.4
Libupnp Project Libupnp 1.6.10
Libupnp Project Libupnp 1.6.8
Libupnp Project Libupnp 1.6.7
Libupnp Project Libupnp 1.4.1
Libupnp Project Libupnp 1.6.13
Libupnp Project Libupnp 1.6.15
Libupnp Project Libupnp 1.6.2
Libupnp Project Libupnp 1.4.2
Libupnp Project Libupnp
Libupnp Project Libupnp 1.6.11
Libupnp Project Libupnp 1.6.3
1 EDB exploit
1 Github repository