Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ins vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-1124
Use-after-free vulnerability in Google Chrome prior to 9.0.597.107 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
Google Chrome
7.5
CVSSv2
CVE-2012-2881
Google Chrome prior to 22.0.1229.79 does not properly handle plug-ins, which allows remote malicious users to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.
Google Chrome 22.0.1229.23
Google Chrome 22.0.1229.63
Google Chrome 22.0.1229.18
Google Chrome 22.0.1229.33
Google Chrome 22.0.1229.9
Google Chrome 22.0.1229.57
Google Chrome 22.0.1229.32
Google Chrome 22.0.1229.54
Google Chrome 22.0.1229.16
Google Chrome 22.0.1229.4
Google Chrome 22.0.1229.21
Google Chrome 22.0.1229.12
Google Chrome 22.0.1229.31
Google Chrome 22.0.1229.10
Google Chrome 22.0.1229.2
Google Chrome 22.0.1229.22
Google Chrome 22.0.1229.35
Google Chrome 22.0.1229.50
Google Chrome 22.0.1229.36
Google Chrome 22.0.1229.60
Google Chrome 22.0.1229.62
Google Chrome 22.0.1229.25
4.3
CVSSv2
CVE-2008-4216
The plug-in interface in WebKit in Apple Safari prior to 3.2 does not prevent plug-ins from accessing local URLs, which allows remote malicious users to obtain sensitive information via vectors that "launch local files."
Apple Safari 1.0
Apple Safari 1.1.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2.0.4
Apple Safari 2.0.4 419.3
Apple Safari 3.0.3
Apple Safari 1.1
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 2
Apple Safari 2.0
Apple Safari 2.0 Pre
Apple Safari 3
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 2.0.3
Apple Safari 2.0.3 417.9.3
Apple Safari 3.0.2
7.5
CVSSv2
CVE-2011-3107
Google Chrome prior to 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
Google Chrome 19.0.1042.0
Google Chrome 19.0.1041.0
Google Chrome 19.0.1039.0
Google Chrome 19.0.1038.0
Google Chrome 19.0.1035.0
Google Chrome 19.0.1036.0
Google Chrome 19.0.1049.1
Google Chrome 19.0.1049.2
Google Chrome 19.0.1055.0
Google Chrome 19.0.1055.1
Google Chrome 19.0.1057.3
Google Chrome 19.0.1058.0
Google Chrome 19.0.1058.1
Google Chrome 19.0.1062.1
Google Chrome 19.0.1063.0
Google Chrome 19.0.1068.1
Google Chrome 19.0.1069.0
Google Chrome 19.0.1076.1
Google Chrome 19.0.1044.0
Google Chrome 19.0.1043.0
Google Chrome 19.0.1036.3
Google Chrome 19.0.1040.0
4.3
CVSSv2
CVE-2010-2658
Opera prior to 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and the clipboard, which allows user-assisted remote malicious users to trigger the uploading of arbitrary files via a crafted web site.
Opera Opera Browser 10.53
Opera Opera Browser 10.10
Opera Opera Browser 9.63
Opera Opera Browser 9.62
Opera Opera Browser 9.61
Opera Opera Browser 9.50
Opera Opera Browser 9.23
Opera Opera Browser 9.22
Opera Opera Browser 9.20
Opera Opera Browser 10.52
Opera Opera Browser 10.01
Opera Opera Browser 10.00
Opera Opera Browser 9.60
Opera Opera Browser 9.26
Opera Opera Browser 9.27
Opera Opera Browser 9.10
Opera Opera Browser 9.12
Opera Opera Browser 8.51
Opera Opera Browser 8.53
Opera Opera Browser 8.01
Opera Opera Browser 8.02
Opera Opera Browser 7.20
6.8
CVSSv2
CVE-2020-8809
Gurux GXDLMS Director before 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. T...
Gurux Device Language Message Specification Director
1 Github repository
4
CVSSv2
CVE-2004-0908
Mozilla Firefox before the Preview Release, Mozilla prior to 1.7.3, and Thunderbird prior to 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 0.9.48
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.2
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7
Mozilla Thunderbird 0.5
Mozilla Thunderbird 0.6
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.3
Mozilla Mozilla 0.9.7
Mozilla Mozilla 0.9.8
Mozilla Mozilla 1.1
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.6
Mozilla Thunderbird 0.1
Mozilla Thunderbird 0.2
Mozilla Thunderbird 0.7.2
Mozilla Mozilla 0.9.35
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.9
7.5
CVSSv2
CVE-2012-2763
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and previous versions, and possibly 2.6.13, allows remote malicious users to execute arbitrary code via a long string in a command to the script-fu server.
Gimp Gimp
2 EDB exploits
5
CVSSv2
CVE-2005-0874
Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
Cerulean Studios Trillian 2.0
4.3
CVSSv2
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »