Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
protection engine vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2006-6503
Mozilla Firefox 2.x prior to 2.0.0.1, 1.5.x prior to 1.5.0.9, Thunderbird prior to 1.5.0.9, and SeaMonkey prior to 1.0.7 allows remote malicious users to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
570
VMScore
CVE-2022-1586
An out-of-bounds read vulnerability exists in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully...
Pcre Pcre2
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
570
VMScore
CVE-2015-4520
Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 allow remote malicious users to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
534
VMScore
CVE-2008-5507
Mozilla Firefox 3.x prior to 3.0.5 and 2.x prior to 2.0.0.19, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allow remote malicious users to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to ...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Debian Debian Linux 4.0
Debian Debian Linux 5.0
516
VMScore
CVE-2021-30640
A vulnerability in the JNDI Realm of Apache Tomcat allows an malicious user to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0...
Apache Tomcat
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Diameter Signaling Router
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Tekelec Platform Distribution
Oracle Communications Cloud Native Core Policy 1.14.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
516
VMScore
CVE-2020-3314
A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints servi...
Cisco Advanced Malware Protection For Endpoints
516
VMScore
CVE-2019-19709
MediaWiki up to and including 1.33.1 allows malicious users to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.
Mediawiki Mediawiki
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
516
VMScore
CVE-2012-2565
Bloxx Web Filtering prior to 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent malicious users to determine cleartext passwords via a rainbow-table approach.
Bloxx Web Filtering
510
VMScore
CVE-2010-1870
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 up to and including 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote malicious users to modify server-side context objects an...
Apache Struts 2.0.8
Apache Struts 2.0.9
Apache Struts 2.0.3
Apache Struts 2.0.11.2
Apache Struts 2.0.11.1
Apache Struts 2.0.10
Apache Struts 2.0.5
Apache Struts 2.0.2
Apache Struts 2.1.5
Apache Struts 2.1.4
Apache Struts 2.0.1
Apache Struts 2.1.3
Apache Struts 2.1.2
Apache Struts 2.0.7
Apache Struts 2.0.11
Apache Struts 2.0.14
Apache Struts 2.0.13
Apache Struts 2.1.1
Apache Struts 2.1.0
Apache Struts 2.0.0
Apache Struts 2.0.6
Apache Struts 2.0.4
2 EDB exploits
1 Article
498
VMScore
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) prior to 3.50.1, as used in VDL 4.97G 9.7.x prior to 9.7.9, 10.0.x prior to 10.0.11, and 10.3.x prior to 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of ...
Sophos Sophos Anti-virus 10.0.11
Sophos Scanning Engine
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »