Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-6465
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview ...
Isc Bind
Isc Bind 9.9.3
Isc Bind 9.10.8
Isc Bind 9.11.5
Isc Bind 9.12.3
Redhat Enterprise Linux 8.0
4.9
CVSSv3
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys...
Isc Bind
Isc Bind 9.10.7
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.12.3
Isc Bind 9.10.8
6.1
CVSSv3
CVE-2023-34245
@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the `javascript:` scheme. As a result, links with JavaScript URLs ...
Udecode Plate
NA
CVE-2015-0812
Mozilla Firefox prior to 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle malicious users to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack agai...
Mozilla Firefox 36.0.4
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
NA
CVE-2009-4008
Unbound prior to 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote malicious users to cause a denial of service (DNSSEC outage) via a crafted query.
Nlnetlabs Unbound 1.0.1
Nlnetlabs Unbound 1.0.2
Nlnetlabs Unbound 0.8
Nlnetlabs Unbound 0.7.2
Nlnetlabs Unbound 1.4.1
Nlnetlabs Unbound 1.4.0
Nlnetlabs Unbound 1.3.4
Nlnetlabs Unbound 1.4.2
Nlnetlabs Unbound 1.2.0
Nlnetlabs Unbound 1.0.0
Nlnetlabs Unbound 0.7.1
Nlnetlabs Unbound 1.1.1
Nlnetlabs Unbound 0.6
Nlnetlabs Unbound 0.4
Nlnetlabs Unbound 1.3.0
Nlnetlabs Unbound 1.3.1
Nlnetlabs Unbound 1.3.2
Nlnetlabs Unbound 1.3.3
Nlnetlabs Unbound 0.10
Nlnetlabs Unbound 0.09
Nlnetlabs Unbound 0.2
Nlnetlabs Unbound 0.1
6.5
CVSSv3
CVE-2022-21672
make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those expl...
Linuxfromscratch Make-ca
NA
CVE-2015-0804
The HTMLSourceElement::BindToTree function in Mozilla Firefox prior to 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote malicious users to execute arbitrary code or cause a denial of servi...
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
NA
CVE-2015-0803
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox prior to 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote malicious users to execute arbitrary code or cause a de...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
NA
CVE-2015-0805
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox prior to 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote malicious users to execute arbitrary code or ca...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
8.1
CVSSv3
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.1.8
Apache Struts 2.1.8.1
Apache Struts 2.3.1.2
Apache Struts 2.3.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.3
Apache Struts 2.3.28
Apache Struts 2.3.28.1
Apache Struts 2.5.3
Apache Struts 2.5.4
Apache Struts 2.5.10.1
Apache Struts 2.5.11
Apache Struts 2.1.2
Apache Struts 2.2.1
Apache Struts 2.2.1.1
Apache Struts 2.3.4
Apache Struts 2.3.4.1
Apache Struts 2.3.15
Apache Struts 2.3.15.1
Apache Struts 2.3.20
1 EDB exploit
20 Github repositories
3 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »