Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote malicious user to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.
NA
CVE-2014-9117
MantisBT prior to 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote malicious users to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key parameter value, as demonstrated by E4652 for...
Mantisbt Mantisbt
NA
CVE-2008-0795
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Mgfi Xfaq 1.2
Joomla Joomla 1.0
Mambo Mambo 4.5
1 EDB exploit
7.5
CVSSv3
CVE-2020-12667
Knot Resolver prior to 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nic Knot Resolver
4.3
CVSSv3
CVE-2023-50457
An issue exists in Zammad prior to 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.
Zammad Zammad 6.1.0
Zammad Zammad 6.2.0
7.5
CVSSv3
CVE-2016-9937
An issue exists in Asterisk Open Source 13.12.x and 13.13.x prior to 13.13.1 and 14.x prior to 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself un...
Digium Asterisk 13.13
Digium Asterisk 14.0
Digium Asterisk 14.1
Digium Asterisk 14.1.1
Digium Asterisk 13.12
Digium Asterisk 14.1.2
Digium Asterisk 14.2
Digium Asterisk 14.01
Digium Asterisk 14.02
5.3
CVSSv3
CVE-2019-13161
An issue exists in Asterisk Open Source up to and including 13.27.0, 14.x and 15.x up to and including 15.7.2, and 16.x up to and including 16.4.0, and Certified Asterisk up to and including 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an m...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.14.0
Digium Certified Asterisk 11.4.0
Digium Certified Asterisk 13.1.0
Digium Certified Asterisk 11.1.0
Digium Certified Asterisk 1.8.0.0
Digium Certified Asterisk 1.8.10.0
Digium Certified Asterisk 1.8.6.0
Digium Certified Asterisk 1.8.11
Digium Certified Asterisk 13.8
Digium Certified Asterisk 1.8.8.0
Digium Certified Asterisk 1.8.12.0
Digium Certified Asterisk 1.8.3.0
Digium Certified Asterisk 1.8.15
Digium Certified Asterisk 11.3.0
Digium Certified Asterisk 1.8.11.0
Digium Certified Asterisk 1.8.4.0
Digium Certified Asterisk 1.8.5.0
Digium Certified Asterisk 1.8.13.0
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 11.6.0
Digium Certified Asterisk 1.8.1.0
NA
CVE-2013-1815
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
Redhat Openstack Folsom -
Redhat Packstack 2012.2.3
Redhat Openstack Essex -
4.3
CVSSv3
CVE-2021-1854
A call termination issue with was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops. .
Apple Ipados
Apple Iphone Os
NA
CVE-2013-2243
mod/lesson/pagetypes/matching.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, and 2.5.x prior to 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.9
Moodle Moodle 2.2.7
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.11
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.8
Moodle Moodle 2.2.4
Moodle Moodle 2.2.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »