Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shift vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-11402
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance prior to 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an malicious user to remotely activate rules on the firewall and to connect to any TCP port of a protected ass...
Belden Tofino Xenon Security Appliance Firmware
9
CVSSv2
CVE-2021-45960
In Expat (aka libexpat) prior to 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
Libexpat Project Libexpat
Tenable Nessus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Siemens Sinema Remote Connect Server
Netapp Oncommand Workflow Automation -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Baseboard Management Controller H610c
Netapp Hci Baseboard Management Controller H610s
Netapp Hci Baseboard Management Controller H615c
NA
CVE-2023-1978
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated ...
Plainware Shiftcontroller
NA
CVE-2023-45659
Engelsystem is a shift planning system for chaos events. If a users' password is compromised and an attacker gained access to a users' account, i.e., logged in and obtained a session, an attackers' session is not terminated if the users' account password is re...
Engelsystem Engelsystem
1 Github repository
4.3
CVSSv2
CVE-2020-27774
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application ...
Imagemagick Imagemagick
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 9.0
10
CVSSv2
CVE-2011-3651
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox 7.0
Mozilla Thunderbird 7.0
10
CVSSv2
CVE-2011-3652
The browser engine in Mozilla Firefox prior to 8.0 and Thunderbird prior to 8.0 does not properly allocate memory, which allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.21
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.7
Mozilla Firefox 3.0
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.15
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.20
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.5
Mozilla Firefox 1.4.1
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.7
9.3
CVSSv2
CVE-2011-3655
Mozilla Firefox 4.x up to and including 7.0 and Thunderbird 5.0 up to and including 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote malicious users to gain privileges via a crafted web site.
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0
NA
CVE-2023-48302
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, when a user is tricked into copy pasting HTML code without markup...
Nextcloud Nextcloud Server
NA
CVE-2023-45152
Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, ope...
Engelsystem Engelsystem
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »