Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-10190
A vulnerability exists in DNS resolver component of knot resolver through version 3.2.0 prior to 4.1.0 which allows remote malicious users to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation fa...
Nic Knot Resolver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
5
CVSSv2
CVE-2017-15105
A flaw was found in the way unbound prior to 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Nlnetlabs Unbound
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
1 Github repository
5
CVSSv2
CVE-2019-25006
An issue exists in the streebog crate prior to 0.8.0 for Rust. The Streebog hash function can produce the wrong answer.
Streebog Project Streebog
3.5
CVSSv2
CVE-2020-29003
The PollNY extension for MediaWiki up to and including 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
Mediawiki Mediawiki
6.4
CVSSv2
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x prior to 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
NA
CVE-2022-48256
Technitium DNS Server prior to 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
Technitium Dns Server
1 Github repository
7.5
CVSSv2
CVE-2018-14502
controllers/quizzes.php in the Kiboko Chained Quiz plugin prior to 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.
Kibokolabs Chained Quiz
4.3
CVSSv2
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate malicious users to obtain sensitive information by reading application data.
Bankofamerica Bank Of America 2.12
10
CVSSv2
CVE-2004-0992
Format string vulnerability in the -a option (daemon mode) in Proxytunnel prior to 1.2.3 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid proxy answer.
Proxytunnel Proxytunnel 1.2 .0
Proxytunnel Proxytunnel 1.1.3
Proxytunnel Proxytunnel 1.2.2
Proxytunnel Proxytunnel 1.0.6
7.5
CVSSv2
CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Joomla Musepoes Component
Mambo Musepoes Component
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »