Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
build environment vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24537
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.
Golang Go
10
CVSSv2
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 up to and including 6.3 allows remote malicious users to execute arbitrary code via a document with a long ID parameter.
Microsoft Visual Basic 6.3
Microsoft Visual Basic 5.0
Microsoft Project 2000
Microsoft Office 2000
Microsoft Visio 2002
Microsoft Project 2002
Microsoft Office Xp
Microsoft Visual Basic 6.2
1 EDB exploit
1.9
CVSSv2
CVE-2019-1552
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. F...
Openssl Openssl
NA
CVE-2022-41725
A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package wi...
Golang Go
Golang Go 1.20.0
NA
CVE-2023-24534
HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more m...
Golang Go
6.9
CVSSv2
CVE-2013-1060
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd direct...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
NA
CVE-2022-41724
Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly...
Golang Go
Golang Go 1.20.0
NA
CVE-2023-24532
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.
Golang Go
2 Github repositories
NA
CVE-2023-29400
Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.
Golang Go
1 Github repository
6.8
CVSSv2
CVE-2007-3656
Mozilla Firefox prior to 1.8.0.13 and 1.8.1.x prior to 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote malicious users to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) H...
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.6
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »