Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inspector vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-9893
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause u...
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Safari
Apple Watchos
Apple Ipados
1 Article
4.3
CVSSv2
CVE-2020-9915
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20...
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Safari
Apple Watchos
Apple Ipados
7.5
CVSSv2
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
4.3
CVSSv2
CVE-2009-1714
Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari prior to 4.0 allows user-assisted remote malicious users to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes.
Apple Safari 3.0
Apple Safari 3.0.3
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 2.0.4
Apple Safari 3.2.1
Apple Safari 3.1
Apple Safari 3.1.2
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 0.9
Apple Safari 3.0.4
Apple Safari 3.1.1
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.2.3
Apple Safari
Apple Safari 3.0.2
Apple Safari 0.8
Apple Safari 1.0
Apple Safari 2.0
Apple Safari 2.0.2
7.8
CVSSv2
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
7.2
CVSSv2
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
7.2
CVSSv2
CVE-2010-3856
ld.so in the GNU C Library (aka glibc or libc6) prior to 2.11.3, and 2.12.x prior to 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging ...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
3 EDB exploits
4.3
CVSSv2
CVE-2009-1681
WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote malicious users to bypass the Same Origin Poli...
Apple Safari 3.1.2
Apple Safari 0.8
Apple Safari 2.0.2
Apple Safari 2.0.4
Apple Safari 3.0
Apple Safari 3.0.4
Apple Safari 1.2
Apple Safari 1.3
Apple Safari
Apple Safari 3.0.2
Apple Safari 3.1.1
Apple Safari 3.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 0.9
Apple Safari 3.0.3
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 3.2.1
Apple Safari 3.2.3
Apple Safari 1.0.3
4.3
CVSSv2
CVE-2009-1684
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via an event handler that trig...
Apple Safari 3.1.1
Apple Safari 3.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 3.0.2
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 2.0.4
Apple Safari 3.2.1
Apple Safari 3.0.4
Apple Safari 1.0.3
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.2.3
Apple Safari
Apple Safari 3.1.2
Apple Safari 0.8
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 3.0.3
Apple Safari 3.0
1 EDB exploit
5.8
CVSSv2
CVE-2009-1693
WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site ima...
Apple Safari 3.0.4
Apple Safari 3.1.1
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari
Apple Safari 3.0.2
Apple Safari 3.0
Apple Safari 3.0.3
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 3.2.1
Apple Safari 3.2.3
Apple Safari 3.1
Apple Safari 3.1.2
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 0.9
Apple Safari 0.8
Apple Safari 1.0
Apple Safari 2.0.2
Apple Safari 2.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »