Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
build environment vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3736
Cross-site scripting (XSS) vulnerability in Mozilla Firefox prior to 2.0.0.5 allows remote malicious users to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, pro...
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0
7.8
CVSSv3
CVE-2023-29403
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is execute...
Golang Go
Fedoraproject Fedora 38
1 Github repository
9.8
CVSSv3
CVE-2023-24540
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during exe...
Golang Go
3 Github repositories
9.8
CVSSv3
CVE-2023-24538
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the act...
Golang Go
2 Github repositories
7.3
CVSSv3
CVE-2023-24539
Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if exe...
Golang Go
1 Github repository
NA
CVE-2007-3089
Mozilla Firefox prior to 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote malicious users to display arbitrary HTML or execute certain JavaScript code, as demonstrated by ...
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.8
Mozilla Firefox 0.8
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.1
Mozilla Firefox 1.5.2
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
NA
CVE-2007-3734
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 2.0.0.5 and Thunderbird prior to 2.0.0.5 allow remote malicious users to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0.0.4
Mozilla Thunderbird 2.0.0.1
Mozilla Thunderbird 2.0.0.2
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Thunderbird 2.0.0.0
NA
CVE-2007-3735
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox prior to 2.0.0.5 and Thunderbird prior to 2.0.0.5 allow remote malicious users to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
Mozilla Thunderbird 2.0.0.1
Mozilla Thunderbird 2.0.0.2
Mozilla Firefox 2.0.0.4
Mozilla Thunderbird 2.0.0.0
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0.0.4
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
7.5
CVSSv3
CVE-2022-41723
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Golang Go
Golang Go 1.20.0
Golang Http2
Golang Hpack
2 Github repositories
NA
CVE-2017_5715
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »