Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adrian vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-14489
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel up to and including 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
Linux Linux Kernel
1 EDB exploit
7.8
CVSSv3
CVE-2017-1000370
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the pro...
Linux Linux Kernel
2 EDB exploits
4.4
CVSSv3
CVE-2017-12153
A security flaw exists in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel up to and including 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the C...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above ...
Linux Linux Kernel
2 EDB exploits
NA
CVE-2007-6270
Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx.
Xigla Absolute News Manager.net 5.1
2 EDB exploits
7.5
CVSSv3
CVE-2021-36520
A SQL injection vulnerability in I-Tech Trainsmart r1044 exists via a evaluation/assign-evaluation?id= URI.
Washington I-tech Trainsmart R1044
7
CVSSv3
CVE-2020-28169
The td-agent-builder plugin prior to 2020-12-18 for Fluentd allows malicious users to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.
Td-agent-builder Project Td-agent-builder
Debian Debian Linux 10.0
1 Github repository
NA
CVE-2007-6055
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows remote malicious users to inject arbitrary web script or HTML via the login parameter. NOTE: this issue reportedly exists because of a regression that followed a fix at an unspecif...
Liferay Portal 4.1.1
Liferay Portal 4.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2013-4621
Magnolia CMS prior to 4.5.9 has multiple access bypass vulnerabilities
Magdevgroup Magnolia Cms
NA
CVE-2007-6198
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 up to and including 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote malicious users to enumerate valid usernames via the in_tx_fulltext parameter.
Bea Aqualogic Interaction 5.0.4
Bea Aqualogic Interaction 6.0.1.218452
Bea Aqualogic Interaction 5.0.2
Bea Aqualogic Interaction 5.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »