Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflection vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2006-0614
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and previous versions, SDK and JRE 1.3.x up to and including 1.3.1_16 and 1.4.x up to and including 1.4.2_08 allows remote malicious users to bypass Java sandbox security and obtain privileges via unspecified vectors ...
Sun Jre 5.0
Sun Jdk 5.0
Sun Sdk
Sun Jre
508
VMScore
CVE-2013-5211
The monlist feature in ntp_request.c in ntpd in NTP prior to 4.2.7p26 allows remote malicious users to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
Opensuse Opensuse 11.4
Ntp Ntp 4.2.7
Ntp Ntp
Oracle Linux 6
Oracle Linux 7
1 EDB exploit
9 Github repositories
505
VMScore
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
448
VMScore
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proce...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.8
Debian Debian Linux 9.0
Debian Debian Linux 10.0
447
VMScore
CVE-2019-6477
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been pr...
Isc Bind 9.12.4
Isc Bind
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.12
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2021-21327
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 non-authenticated user can remotely instantiate object of any class existing in the GLPI environment tha...
Glpi-project Glpi
445
VMScore
CVE-2020-15768
An issue exists in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote malicious users to obtain authentication cookies, if they are able to discover a separate XSS vulnerabil...
Gradle Enterprise Cache Node
Gradle Enterprise
445
VMScore
CVE-2020-5591
XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions prior to 1.7.0 allow remote malicious users to cause a denial of service condition resulting in degradation of the recursive resolver's performance or compromising the recursive resol...
Xack Xack Dns
445
VMScore
CVE-2020-2100
Jenkins 2.218 and previous versions, LTS 2.204.1 and previous versions was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
Jenkins Jenkins
1 Github repository
445
VMScore
CVE-2019-9496
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd proc...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »