Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo security vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-45410
When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
8.8
CVSSv3
CVE-2022-45412
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2022-45416
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunder...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.1
CVSSv3
CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 1...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2022-45420
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox <...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
8.8
CVSSv3
CVE-2022-45421
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vul...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote malicious users to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
2 EDB exploits
3 Github repositories
23 Articles
7.8
CVSSv3
CVE-2017-5669
The do_shmat function in ipc/shm.c in the Linux kernel up to and including 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system ca...
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
1 Github repository
7
CVSSv3
CVE-2017-11600
net/xfrm/xfrm_policy.c in the Linux kernel up to and including 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibl...
Linux Linux Kernel
6.6
CVSSv3
CVE-2017-16644
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel up to and including 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »