Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
three project three vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-1878
Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.
Xine Xine-lib 1.1.9
Xine Xine-lib
Xine Xine-lib 1.1.0
Xine Xine-lib 1.1.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.11.1
1 EDB exploit
NA
CVE-2023-30552
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an malicious user to query the connected databases. Affected versions are subject to SQL injection in the `sql/instance.py` endpoint's `describe`...
Archerydms Archery 1.9.0
NA
CVE-2022-48629
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in struct rng_alg expects that the destination buffer is completely filled if the function returns 0. qcom_rng_read() can r...
6.8
CVSSv2
CVE-2008-1482
Multiple integer overflows in xine-lib 1.1.11 and previous versions allow remote malicious users to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, wh...
Xine Xine-lib 1.1.11
1 EDB exploit
4.4
CVSSv2
CVE-2013-2777
sudo prior to 1.7.10p5 and 1.8.x prior to 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session w...
Apple Mac Os X
Todd Miller Sudo 1.7.9p1
Todd Miller Sudo 1.7.9
Todd Miller Sudo 1.7.6
Todd Miller Sudo 1.7.5
Todd Miller Sudo 1.7.4p6
Todd Miller Sudo 1.7.3b1
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.7.10
Todd Miller Sudo 1.7.6p2
Todd Miller Sudo 1.7.6p1
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.4p4
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.6.9p21
Todd Miller Sudo 1.6.7p5
Todd Miller Sudo 1.6.8p12
Todd Miller Sudo 1.7.10p1
5
CVSSv2
CVE-2004-0938
FreeRADIUS prior to 1.0.1 allows remote malicious users to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
Freeradius Freeradius
4.4
CVSSv2
CVE-2013-2776
sudo 1.3.5 up to and including 1.7.10p5 and 1.8.0 up to and including 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissi...
Todd Miller Sudo 1.7.8p1
Todd Miller Sudo 1.7.8
Todd Miller Sudo 1.7.4p3
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.7
Todd Miller Sudo 1.7.6p2
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.4p4
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.6.7p5
Todd Miller Sudo 1.6.8p12
Todd Miller Sudo 1.3.5
Todd Miller Sudo 1.7.10
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.6.9p23
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.9p22
Todd Miller Sudo 1.6.2p3
9.3
CVSSv2
CVE-2007-5392
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote malicious users to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
Xpdf Xpdf 3.0.1 Pl1
8.5
CVSSv2
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
10
CVSSv2
CVE-2004-0097
Multiple vulnerabilities in PWLib prior to 1.6.0 allow remote malicious users to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Openh323 Project Pwlib
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »