Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero x vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-5631
Roundcube prior to 1.4.15, 1.5.x prior to 1.5.5, and 1.6.x prior to 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
Roundcube Webmail
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 39
1 Github repository
1 Article
NA
CVE-2014-0333
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x up to and including 1.6.9 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
Libpng Libpng 1.6.3
Libpng Libpng 1.6.4
Libpng Libpng 1.6.8
Libpng Libpng 1.6.9
Libpng Libpng 1.6.1
Libpng Libpng 1.6.6
Libpng Libpng 1.6.7
Libpng Libpng 1.6.2
Libpng Libpng 1.6.0
Libpng Libpng 1.6.5
NA
CVE-2004-0245
Web Crossing 4.x and 5.x allows remote malicious users to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero.
Web Crossing Inc Web Crossing 4.0
Web Crossing Inc Web Crossing 5.0
1 EDB exploit
NA
CVE-2006-3142
SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote malicious users to execute arbitrary SQL commands via the MainID parameter.
Vbzoom Vbzoom 1.11
2 EDB exploits
7.8
CVSSv3
CVE-2017-8072
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x prior to 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.
Linux Linux Kernel 4.9.1
Linux Linux Kernel 4.9.3
Linux Linux Kernel 4.9.4
Linux Linux Kernel 4.9.5
Linux Linux Kernel 4.9.6
Linux Linux Kernel 4.9.8
Linux Linux Kernel 4.9
Linux Linux Kernel 4.9.2
NA
CVE-2004-0934
Kaspersky 3.x to 4.x allows remote malicious users to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Archive Zip Archive Zip 1.13
Broadcom Brightstor Arcserve Backup 11.1
Broadcom Etrust Ez Antivirus 6.2
Broadcom Etrust Ez Antivirus 6.3
Broadcom Etrust Secure Content Manager 1.0
Ca Etrust Secure Content Manager 1.0
Broadcom Etrust Antivirus Gateway 7.1
Broadcom Etrust Ez Antivirus 6.1
Broadcom Etrust Intrusion Detection 1.4.5
Broadcom Etrust Intrusion Detection 1.5
Kaspersky Lab Kaspersky Anti-virus 3.0
Kaspersky Lab Kaspersky Anti-virus 4.0
Sophos Sophos Anti-virus 3.78
Sophos Sophos Anti-virus 3.78d
Sophos Sophos Anti-virus 3.85
Sophos Sophos Anti-virus 3.86
Broadcom Etrust Antivirus 7.0
Ca Etrust Antivirus 7.0 Sp2
Broadcom Etrust Ez Armor 2.0
Broadcom Etrust Ez Armor 2.3
Broadcom Etrust Secure Content Manager 1.1
Broadcom Inoculateit 6.0
1 EDB exploit
5.3
CVSSv3
CVE-2015-8627
MediaWiki prior to 1.23.12, 1.24.x prior to 1.24.5, 1.25.x prior to 1.25.4, and 1.26.x prior to 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote malicious users to bypass intended access restrictions by using an IP address that...
Mediawiki Mediawiki 1.25.0
Mediawiki Mediawiki 1.25.1
Mediawiki Mediawiki 1.25.2
Mediawiki Mediawiki 1.24.0
Mediawiki Mediawiki 1.24.2
Mediawiki Mediawiki 1.26.0
Mediawiki Mediawiki 1.25.3
Mediawiki Mediawiki 1.24.4
Mediawiki Mediawiki
Mediawiki Mediawiki 1.24.1
Mediawiki Mediawiki 1.24.3
5.5
CVSSv3
CVE-2015-8737
The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x prior to 2.0.1 does not validate the bit rate, which allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
Wireshark Wireshark 2.0.0
NA
CVE-2011-4587
lib/moodlelib.php in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote malicious users to obtain access by leveraging the possible existence of user ac...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2014-7833
mod/data/edit.php in Moodle up to and including 2.4.11, 2.5.x prior to 2.5.9, 2.6.x prior to 2.6.6, and 2.7.x prior to 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the data...
Moodle Moodle 2.5.4
Moodle Moodle 2.5.3
Moodle Moodle 2.5.2
Moodle Moodle 2.5.1
Moodle Moodle
Moodle Moodle 2.6.3
Moodle Moodle 2.6.4
Moodle Moodle 2.6.5
Moodle Moodle 2.7.0
Moodle Moodle 2.5.8
Moodle Moodle 2.5.6
Moodle Moodle 2.6.0
Moodle Moodle 2.6.2
Moodle Moodle 2.7.1
Moodle Moodle 2.5.7
Moodle Moodle 2.5.5
Moodle Moodle 2.5.0
Moodle Moodle 2.6.1
Moodle Moodle 2.7.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »