Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
user access manager project user access manager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress prior to 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
Wordpress Wordpress
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
3.5
CVSSv2
CVE-2011-0700
Multiple cross-site scripting (XSS) vulnerabilities in WordPress prior to 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) pi...
Wordpress Wordpress
7.1
CVSSv2
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
4.4
CVSSv2
CVE-2009-3274
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and previous versions 3.5.x versions, and 3.0.14 and previous versions 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded fi...
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.6
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0.0.8
Mozilla Firefox 2.0.0.9
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.17
Mozilla Firefox 2.0.0.18
Mozilla Firefox 2.0.0.19
Mozilla Firefox 2.0.0.20
Mozilla Firefox 3.0
4.7
CVSSv2
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
4.3
CVSSv2
CVE-2004-1177
Cross-site scripting (XSS) vulnerability in the driver script in mailman prior to 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1.4
Gnu Mailman 2.1b1
Gnu Mailman 2.0
Gnu Mailman 2.0.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.1
Gnu Mailman 2.1.1
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 1.0
Gnu Mailman 1.1
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
1.9
CVSSv2
CVE-2010-2803
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel prior to 2.6.27.53, 2.6.32.x prior to 2.6.32.21, 2.6.34.x prior to 2.6.34.6, and 2.6.35.x prior to 2.6.35.4 allows local users to obtain potentially sensitive i...
Linux Linux Kernel
Debian Debian Linux 5.0
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.3
Suse Linux Enterprise High Availability Extension 11
Suse Linux Enterprise Real Time 11
5
CVSSv2
CVE-2009-3370
Mozilla Firefox prior to 3.0.15, and 3.5.x prior to 3.5.4, allows remote malicious users to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.14
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
9.3
CVSSv2
CVE-2009-3372
Mozilla Firefox prior to 3.0.15 and 3.5.x prior to 3.5.4, and SeaMonkey prior to 2.0, allows remote malicious users to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0
Mozilla Firefox 3.5.1
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »