Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2021-25940
In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. When a user’s password is changed by the administrator, the session isn’t invalidated, allowing a malicious user to still be logged in and perform arbitrary actions within t...
Arangodb Arangodb
668
VMScore
CVE-2021-25941
Prototype pollution vulnerability in 'deep-override' versions 1.0.0 up to and including 1.0.1 allows an malicious user to cause a denial of service and may lead to remote code execution.
Deep-override Project Deep-override
668
VMScore
CVE-2021-25943
Prototype pollution vulnerability in '101' versions 1.0.0 up to and including 1.6.3 allows an malicious user to cause a denial of service and may lead to remote code execution.
101 Project 101
668
VMScore
CVE-2021-25944
Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 up to and including 1.0.5 allows malicious user to cause a denial of service and may lead to remote code execution.
Deep-defaults Project Deep-defaults
668
VMScore
CVE-2021-25946
Prototype pollution vulnerability in `nconf-toml` versions 0.0.1 up to and including 0.0.2 allows an malicious user to cause a denial of service and may lead to remote code execution.
Nconf-toml Project Nconf-toml
668
VMScore
CVE-2021-25947
Prototype pollution vulnerability in 'nestie' versions 0.0.0 up to and including 1.0.0 allows an malicious user to cause a denial of service and may lead to remote code execution.
Nestie Project Nestie
668
VMScore
CVE-2021-25949
Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an malicious user to cause a denial of service and may lead to remote code execution.
Set-getter Project Set-getter 0.1.0
NA
CVE-2021-25950
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
445
VMScore
CVE-2021-25951
XXE vulnerability in 'XML2Dict' version 0.2.2 allows an malicious user to cause a denial of service.
Xml2dict Project Xml2dict 0.2.2
668
VMScore
CVE-2021-25953
Prototype pollution vulnerability in 'putil-merge' versions1.0.0 up to and including 3.6.6 allows malicious user to cause a denial of service and may lead to remote code execution.
Putil-merge Project Putil-merge
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »