Vulmon
event list vulnerabilities and exploits
NA
CVE-2023-22461
The `sanitize-svg` package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. In doing so, literal `<script>`-tags and on-event handlers were detected in versions before 0.4.0. As a result, downstream so...
Sanitize-svg Project Sanitize-svg
445
VMScore
CVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (...
Cisco Ios Xe
668
VMScore
CVE-2021-39214
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitm...
Mitmproxy Mitmproxy
NA
CVE-2024-24817
Discourse Calendar adds the ability to create a dynamic calendar in the first post of a topic on the open-source discussion platform Discourse. Prior to version 0.4, event invitees created in topics in private categories or PMs (private messages) can be retrieved by anyone, even ...
NA
CVE-2024-29025
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured s...
1 Github repository
NA
CVE-2023-20190
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect d...
Cisco Ios Xr
Cisco Ios Xr 7.9
632
VMScore
CVE-2014-3361
The ALG module in Cisco IOS 15.0 up to and including 15.4 does not properly implement SIP over NAT, which allows remote malicious users to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.
Cisco Ios 15.2
Cisco Ios 15.3
Cisco Ios 15.0
Cisco Ios 15.1
Cisco Ios 15.4
632
VMScore
CVE-2020-3510
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote malicious user to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is d...
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.2
Cisco Ios Xe 17.1.1
694
VMScore
CVE-2013-1142
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.2 allows remote malicious users to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.
Cisco Ios
NA
CVE-2021-34752
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. Cisco ...