Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
element software vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5022
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the same-origin policy and execute arbitrary script via mul...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
7.5
CVSSv2
CVE-2008-5023
Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
7.5
CVSSv2
CVE-2008-5024
Mozilla Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 do not properly escape quote characters used for XML processing, which allows remote malicious users to conduct XML injection attacks via the de...
Mozilla Seamonkey
Mozilla Firefox
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
7.5
CVSSv2
CVE-2008-2396
PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter.
Wajox Software Mircrossys Cms
1 EDB exploit
7.5
CVSSv2
CVE-2006-0059
Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server prior to 5.00.035 allows remote malicious users to cause a denial of service or execute arbitrary code via malformed packets.
Livedata Iccp Server 5.00.045
7.5
CVSSv2
CVE-2006-1672
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which all...
Cisco Transport Controller 4.0.x
Cisco Optical Networking Systems Software 3.3.0
Cisco Optical Networking Systems Software 3.4.0
Cisco Optical Networking Systems Software 4.1\\(3\\)
Cisco Optical Networking Systems Software 4.1.4
Cisco Optical Networking Systems Software 1.3\\(0\\)
Cisco Ons 15310-cl Series 0
Cisco Optical Networking Systems Software 4.0.0
Cisco Optical Networking Systems Software 4.0\\(1\\)
Cisco Optical Networking Systems Software 4.6\\(0\\)
Cisco Optical Networking Systems Software 4.6\\(1\\)
Cisco Ons 15600 0
Cisco Optical Networking Systems Software 3.0
Cisco Optical Networking Systems Software 4.0\\(2\\)
Cisco Optical Networking Systems Software 4.1\\(0\\)
Cisco Ons 15454 Mspp
Cisco Optical Networking Systems Software 1.0
Cisco Optical Networking Systems Software 1.1
Cisco Optical Networking Systems Software 3.1.0
Cisco Optical Networking Systems Software 3.2
Cisco Optical Networking Systems Software 4.1\\(1\\)
Cisco Optical Networking Systems Software 4.1\\(2\\)
7.5
CVSSv2
CVE-2003-1063
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote malicious users to bypass the intended security policy.
Sun Solaris 2.6
Sun Sunos -
Sun Sunos 5.7
Sun Solaris 7.0
7.5
CVSSv2
CVE-2002-0189
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote malicious users to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
7.2
CVSSv2
CVE-2022-0025
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent
7.2
CVSSv2
CVE-2002-0084
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
Sun Solaris 8.0
Sun Solaris 2.6
Sun Sunos 5.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »