Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
common applications vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6774
Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and previous versions, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and previous versions, and Chainfire SuperSU package prior to 1.69 for Android 4.2.x and...
Chainfire Supersu 1.69
Androidsu Chainsdd Superuser 3.1.3
Koushik Dutta Superuser 1.0.2.1
NA
CVE-2008-1585
Apple QuickTime prior to 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote malicious users to execute arbitrary programs, as originally dem...
Apple Quicktime
3.7
CVSSv3
CVE-2019-2987
Vulnerability in the Java SE product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Oracle Jdk 11.0.4
Oracle Jdk 13.0.0
Oracle Jre 11.0.4
Oracle Jre 13.0.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 6.0
Netapp E-series Santricity Web Services Proxy -
Netapp Snapmanager -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp Oncommand Workflow Automation -
Debian Debian Linux 10.0
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
6.1
CVSSv3
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
6.8
CVSSv3
CVE-2019-2949
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network ...
Oracle Jdk 11.0.4
Oracle Jdk 13.0.0
Oracle Jre 11.0.4
Oracle Jre 13.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp E-series Santricity Os Controller
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
6.5
CVSSv3
CVE-2023-25661
TensorFlow is an Open Source Machine Learning Framework. In versions before 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the `Convolution3DTranspose` fu...
Google Tensorflow
NA
CVE-2024-29041
Express.js minimalist web framework for node. Versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express ...
NA
CVE-2002-0085
cachefsd in Solaris 2.6, 7, and 8 allows remote malicious users to cause a denial of service (crash) via an invalid procedure call in an RPC request.
Sun Solaris 2.6
Sun Sunos 5.7
Sun Solaris 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »