Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Php Php
Postgresql Postgresql
Openwall Crypt Blowfish
1 Github repository
NA
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
NA
CVE-2010-1383
CFNetwork in Apple Safari prior to 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.
Apple Safari 1.3.1
Apple Safari 1.2.4
Apple Safari 1.2.2
Apple Safari 2.0.2
Apple Safari 1.1.0
Apple Safari 1.0.1
Apple Safari 1.0.0
Apple Safari 2.0.3
Apple Safari 1.0
Apple Safari 2
Apple Safari 1.2
Apple Safari 2.0.1
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 5.0.1
Apple Safari 3.0.0
Apple Safari 2.0.4
Apple Safari 2.0.0
Apple Safari 3.0.1b
Apple Safari 1.1
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
NA
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
NA
CVE-2010-4146
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and previous versions), 2008 R1, and 9.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Attachmate Reflection For The Web 9.5
Attachmate Reflection For The Web 2008
Attachmate Reflection For The Web
Attachmate Reflection For The Web 8.0
Attachmate Reflection For The Web 9.0
Attachmate Reflection For The Web 9.01
NA
CVE-2010-3553
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was...
Sun Jre 1.6.0
Sun Jre
Sun Jdk 1.6.0
Sun Jdk
Sun Jdk 1.5.0
Sun Sdk 1.4.2 02
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 16
Sun Sdk 1.4.2 17
Sun Sdk 1.4.2 8
Sun Sdk 1.4.2 9
Sun Sdk 1.4.2 26
Sun Sdk
Sun Sdk 1.4.2 10
Sun Sdk 1.4.2 11
Sun Sdk 1.4.2 12
Sun Sdk 1.4.2 13
Sun Sdk 1.4.2 18
Sun Sdk 1.4.2 19
Sun Sdk 1.4.2 3
Sun Sdk 1.4.2 20
Sun Sdk 1.4.2 21
NA
CVE-2009-3979
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 3.0.16 and 3.5.x prior to 3.5.6, SeaMonkey prior to 2.0.1, and Thunderbird allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execut...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 2.0
Mozilla Firefox 0.3
Mozilla Firefox 0.4
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.8
NA
CVE-2009-3981
Unspecified vulnerability in the browser engine in Mozilla Firefox prior to 3.0.16, SeaMonkey prior to 2.0.1, and Thunderbird allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vector...
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.5.0.9
Mozilla Seamonkey 2.0
Mozilla Firefox 0.6.1
Mozilla Firefox 0.3
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »