common vulnerabilities and exploits
NA
CVE-2015-2946
Stack-based buffer overflow in the Open CAD Format Council SXF common library prior to 3.30 allows remote malicious users to execute arbitrary code via a crafted CAD file.
Ocf Sxf Common Library
NA
CVE-2008-3928
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.
Debian Honeyd Common 1.5
7.5
CVSSv3
CVE-2023-45382
In the module "SoNice Retour" (sonice_retour) up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the ...
Common-services Sonice Retour
7.5
CVSSv3
CVE-2023-45383
In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control...
Common-services Sonice Etiquetage
NA
CVE-2008-4951
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.
Gplhost Dtc-common 0.29.6
6.1
CVSSv3
CVE-2023-42808
Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data ...
Mozilla Common Voice 1.88.2
NA
CVE-2008-3448
Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote malicious users to inject arbitrary web script or HTML via the letter parameter.
Common-solutions Csphonebook 1.02
1 EDB exploit
8.1
CVSSv3
CVE-2021-32660
Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In versions of `@backstage/techdocs-common` before 0.6.4, a malicious internal actor is able to upload documentation content with malici...
Linuxfoundation @backstage/techdocs-common
9.8
CVSSv3
CVE-2022-41226
Jenkins Compuware Common Configuration Plugin 1.0.14 and previous versions do not configure the plugin's XML parser to prevent XML external entity (XXE) attacks.
Jenkins Compuware Common Configuration
8.2
CVSSv3
CVE-2021-2034
Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Oracle Common Applications Calendar