Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-10190
A vulnerability exists in DNS resolver component of knot resolver through version 3.2.0 prior to 4.1.0 which allows remote malicious users to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation fa...
Nic Knot Resolver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
5.3
CVSSv3
CVE-2017-15105
A flaw was found in the way unbound prior to 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Nlnetlabs Unbound
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
1 Github repository
7.5
CVSSv3
CVE-2019-25006
An issue exists in the streebog crate prior to 0.8.0 for Rust. The Streebog hash function can produce the wrong answer.
Streebog Project Streebog
5.4
CVSSv3
CVE-2020-29003
The PollNY extension for MediaWiki up to and including 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
Mediawiki Mediawiki
9.8
CVSSv3
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x prior to 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
7.5
CVSSv3
CVE-2022-48256
Technitium DNS Server prior to 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
Technitium Dns Server
1 Github repository
9.8
CVSSv3
CVE-2018-14502
controllers/quizzes.php in the Kiboko Chained Quiz plugin prior to 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.
Kibokolabs Chained Quiz
NA
CVE-2004-0992
Format string vulnerability in the -a option (daemon mode) in Proxytunnel prior to 1.2.3 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid proxy answer.
Proxytunnel Proxytunnel 1.2 .0
Proxytunnel Proxytunnel 1.1.3
Proxytunnel Proxytunnel 1.2.2
Proxytunnel Proxytunnel 1.0.6
NA
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate malicious users to obtain sensitive information by reading application data.
Bankofamerica Bank Of America 2.12
NA
CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Joomla Musepoes Component
Mambo Musepoes Component
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »