Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sub vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-10752
Sequelize, all versions prior to version 4.44.3 and 5.15.1, is vulnerable to SQL Injection due to sequelize.json() helper function not escaping values properly when formatting sub paths for JSON queries for MySQL, MariaDB and SQLite.
Sequelizejs Sequelize
4.7
CVSSv3
CVE-2023-1582
A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.
Linux Linux Kernel
Linux Linux Kernel 5.7
NA
CVE-2005-2768
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote malicious users to execute arbitrary code via a Visio file with a crafted sub record length.
Sophos Sophos Anti-virus 3.80
Sophos Sophos Anti-virus 3.81
Sophos Sophos Anti-virus 3.82
Sophos Sophos Anti-virus 3.95
Sophos Sophos Anti-virus 4.5.3
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.79
Sophos Sophos Anti-virus 3.90
Sophos Sophos Anti-virus 3.91
Sophos Sophos Anti-virus 3.4.6
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
Sophos Sophos Anti-virus 3.83
Sophos Sophos Anti-virus 3.84
Sophos Sophos Anti-virus 5.0.1
Sophos Sophos Anti-virus 5.0.4
NA
CVE-2008-0861
Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote malicious users to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action.
Ibm Lotus Quickplace 7.0
NA
CVE-2013-2479
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x prior to 1.8.6 allows remote malicious users to cause a denial of service (infinite loop) via invalid Sub-tlv data.
Wireshark Wireshark 1.8.4
Wireshark Wireshark 1.8.5
Wireshark Wireshark 1.8.0
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.3
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
7.8
CVSSv3
CVE-2017-2951
Adobe Acrobat Reader versions 15.020.20042 and previous versions, 15.006.30244 and previous versions, 11.0.18 and previous versions have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitra...
Adobe Acrobat
Adobe Acrobat Reader Dc
Adobe Reader
Adobe Acrobat Dc
NA
CVE-2006-4941
Multiple cross-site scripting (XSS) vulnerabilities in Moodle prior to 1.6.2 might allow remote malicious users to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php.
Moodle Moodle 1.6.0
Moodle Moodle
NA
CVE-2005-0585
Firefox prior to 1.0.1 and Mozilla prior to 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.
Mozilla Firefox 0.9
Mozilla Firefox 1.0
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.7.1
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.7.5
NA
CVE-2012-6055
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x prior to 1.8.4 allows remote malicious users to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
Wireshark Wireshark 1.8.0
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.3
5.5
CVSSv3
CVE-2020-15734
An Origin Validation Error vulnerability in Bitdefender Safepay allows an malicious user to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions before 25.0.7.29.
Bitdefender Safepay
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »