Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost ghost vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23724
Ghost up to and including 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that...
6.4
CVSSv2
CVE-2012-1194
The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoke...
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008
NA
CVE-2022-30258
An issue exists in Technitium DNS Server up to and including 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit wou...
Technitium Dns Server
NA
CVE-2022-30257
An issue exists in Technitium DNS Server up to and including 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit wou...
Technitium Dns Server
NA
CVE-2022-30698
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns del...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-30699
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-30256
An issue exists in MaraDNS Deadwood up to and including 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would...
Maradns Maradns
5
CVSSv2
CVE-2012-1033
The resolver in ISC BIND 9 up to and including 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain names via a "...
Isc Bind 9.7.1
Isc Bind 9.7.3
Isc Bind 9.5.1
Isc Bind 9.6.0
Isc Bind 9.5.0
Isc Bind 9.2.1
Isc Bind 9.2.2
Isc Bind 9.0
Isc Bind 9.0.1
Isc Bind 9.7.2
Isc Bind 9.3
Isc Bind 9.2.7
Isc Bind 9.2.6
Isc Bind 9.4.1
Isc Bind 9.8.0
Isc Bind 9.8.1
Isc Bind 9.7.4
Isc Bind 9.1
Isc Bind 9.7.0
Isc Bind 9.4
Isc Bind 9.2.5
Isc Bind 9.5
NA
CVE-2022-3204
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack star...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv2
CVE-2008-7087
PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the LIBPATH parameter.
Openpro Openpro 1.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »