Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-10190
A vulnerability exists in DNS resolver component of knot resolver through version 3.2.0 prior to 4.1.0 which allows remote malicious users to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation fa...
Nic Knot Resolver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
445
VMScore
CVE-2017-15105
A flaw was found in the way unbound prior to 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Nlnetlabs Unbound
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
1 Github repository
445
VMScore
CVE-2019-25006
An issue exists in the streebog crate prior to 0.8.0 for Rust. The Streebog hash function can produce the wrong answer.
Streebog Project Streebog
312
VMScore
CVE-2020-29003
The PollNY extension for MediaWiki up to and including 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
Mediawiki Mediawiki
570
VMScore
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x prior to 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
NA
CVE-2022-48256
Technitium DNS Server prior to 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
Technitium Dns Server
1 Github repository
668
VMScore
CVE-2018-14502
controllers/quizzes.php in the Kiboko Chained Quiz plugin prior to 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.
Kibokolabs Chained Quiz
383
VMScore
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate malicious users to obtain sensitive information by reading application data.
Bankofamerica Bank Of America 2.12
890
VMScore
CVE-2004-0992
Format string vulnerability in the -a option (daemon mode) in Proxytunnel prior to 1.2.3 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid proxy answer.
Proxytunnel Proxytunnel 1.2 .0
Proxytunnel Proxytunnel 1.1.3
Proxytunnel Proxytunnel 1.2.2
Proxytunnel Proxytunnel 1.0.6
755
VMScore
CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Joomla Musepoes Component
Mambo Musepoes Component
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »