Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sanitize project sanitize vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2880
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy s...
Golang Go
NA
CVE-2022-39243
NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's Java_java_lang_UNIXProcess_forkAndExec method (1.2.0+), attackers can use NUL characters in their strings to perform command line ...
Nuprocess Project Nuprocess
NA
CVE-2022-40674
libexpat prior to 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callb...
Systemd Project Systemd 240
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
NA
CVE-2022-2941
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions up to, and including 2.88.0. This is due to the fact that all fields in the "Naming Conventions" section do not properly sanitize user input, nor escape it on out...
Wp-useronline Project Wp-useronline
1 EDB exploit
NA
CVE-2022-1405
CNCSoft: All versions before 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
Deltaww Cncsoft
NA
CVE-2022-1404
Delta Electronics CNCSoft (All versions before 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
Deltaww Cncsoft
NA
CVE-2022-0446
The Simple Banner WordPress plugin prior to 2.12.0 does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Simple Banner Project Simple Banner
NA
CVE-2022-1539
The Exports and Reports WordPress plugin prior to 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks.
Exports And Reports Project Exports And Reports
3.5
CVSSv2
CVE-2022-1326
The Form - Contact Form WordPress plugin up to and including 1.2.0 does not sanitize and escape Custom text fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Form - Contact Form Project Form - Contact Form
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »