Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate malicious users to obtain sensitive information by reading application data.
Bankofamerica Bank Of America 2.12
890
VMScore
CVE-2004-0992
Format string vulnerability in the -a option (daemon mode) in Proxytunnel prior to 1.2.3 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid proxy answer.
Proxytunnel Proxytunnel 1.2.2
Proxytunnel Proxytunnel 1.0.6
Proxytunnel Proxytunnel 1.2 .0
Proxytunnel Proxytunnel 1.1.3
755
VMScore
CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Joomla Musepoes Component
Mambo Musepoes Component
1 EDB exploit
NA
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote malicious user to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.
445
VMScore
CVE-2014-9117
MantisBT prior to 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote malicious users to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key parameter value, as demonstrated by E4652 for...
Mantisbt Mantisbt
755
VMScore
CVE-2008-0795
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the aid parameter in an answer action.
Mgfi Xfaq 1.2
Joomla Joomla 1.0
Mambo Mambo 4.5
1 EDB exploit
445
VMScore
CVE-2020-12667
Knot Resolver prior to 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nic Knot Resolver
NA
CVE-2023-50457
An issue exists in Zammad prior to 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.
Zammad Zammad 6.1.0
Zammad Zammad 6.2.0
312
VMScore
CVE-2019-13161
An issue exists in Asterisk Open Source up to and including 13.27.0, 14.x and 15.x up to and including 15.7.2, and 16.x up to and including 16.4.0, and Certified Asterisk up to and including 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an m...
Digium Certified Asterisk 11.6
Digium Certified Asterisk 1.8.14.0
Digium Certified Asterisk 11.4.0
Digium Certified Asterisk 13.1.0
Digium Certified Asterisk 11.1.0
Digium Certified Asterisk 1.8.0.0
Digium Certified Asterisk 1.8.10.0
Digium Certified Asterisk 1.8.15
Digium Certified Asterisk 1.8.11
Digium Certified Asterisk 1.8.12.0
Digium Certified Asterisk 1.8.3.0
Digium Certified Asterisk 13.8
Digium Certified Asterisk 1.8.8.0
Digium Certified Asterisk 11.3.0
Digium Certified Asterisk 1.8.11.0
Digium Certified Asterisk 1.8.6.0
Digium Certified Asterisk 11.0.0
Digium Certified Asterisk 1.8.28
Digium Certified Asterisk 1.8.7.0
Digium Certified Asterisk 1.8.13.0
Digium Certified Asterisk 1.8.28.0
Digium Certified Asterisk 1.8.1.0
445
VMScore
CVE-2016-9937
An issue exists in Asterisk Open Source 13.12.x and 13.13.x prior to 13.13.1 and 14.x prior to 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself un...
Digium Asterisk 13.12
Digium Asterisk 14.02
Digium Asterisk 14.1.1
Digium Asterisk 14.1.2
Digium Asterisk 14.0
Digium Asterisk 13.13
Digium Asterisk 14.1
Digium Asterisk 14.01
Digium Asterisk 14.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »