Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user.
Open-emr Openemr
3.5
CVSSv2
CVE-2017-1102
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Rational Quality Manager 4.0
Ibm Rational Quality Manager 4.0.0.1
Ibm Rational Quality Manager 4.0.6
Ibm Rational Quality Manager 4.0.7
Ibm Rational Quality Manager 5.0
Ibm Rational Quality Manager 4.0.4
Ibm Rational Quality Manager 4.0.5
Ibm Rational Quality Manager 6.0.2
Ibm Rational Quality Manager 6.0.3
Ibm Rational Quality Manager 4.0.2
Ibm Rational Quality Manager 4.0.3
Ibm Rational Quality Manager 6.0
Ibm Rational Quality Manager 6.0.1
Ibm Rational Quality Manager 4.0.0.2
Ibm Rational Quality Manager 4.0.1
Ibm Rational Quality Manager 5.0.1
Ibm Rational Quality Manager 5.0.2
6.8
CVSSv2
CVE-2021-25923
In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum password length limit. If a malicious user is aware of the first 72 characters of the victim user’s password, he can leverage it to an account takeover.
Open-emr Openemr
2.1
CVSSv2
CVE-2019-18808
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel up to and including 5.3.9 allows malicious users to cause a denial of service (memory consumption), aka CID-128c66429247.
Linux Linux Kernel
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
4.9
CVSSv2
CVE-2019-18809
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel up to and including 5.3.9 allows malicious users to cause a denial of service (memory consumption), aka CID-2289adbfa559.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
3.5
CVSSv2
CVE-2021-25925
in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a us...
7.5
CVSSv2
CVE-2021-25928
Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 up to and including 1.0.2 allows an malicious user to cause a denial of service and may lead to remote code execution.
Manta Safe-obj
4.6
CVSSv2
CVE-2017-11024
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After Free condition.
Google Android -
4.3
CVSSv2
CVE-2021-25930
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSR...
Opennms Horizon
Opennms Meridian
4.6
CVSSv2
CVE-2017-11027
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability.
Google Android -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »