Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivan fratric vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome before 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2019-5842
Use after free in Blink in Google Chrome before 75.0.3770.90 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2019-5867
Out of bounds read in JavaScript in Google Chrome before 76.0.3809.100 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
5.5
CVSSv3
CVE-2019-5868
Use after free in PDFium in Google Chrome before 76.0.3809.100 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
6.5
CVSSv3
CVE-2019-5825
Out of bounds write in JavaScript in Google Chrome before 73.0.3683.86 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
1 EDB exploit
3 Github repositories
8.1
CVSSv3
CVE-2019-5849
Out of bounds read in Skia in Google Chrome before 75.0.3770.80 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
NA
CVE-2007-1277
WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote malicious users to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-inclu...
Wordpress Wordpress 2.1.1
2 EDB exploits
NA
CVE-2011-1999
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote malicious users to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
Microsoft Internet Explorer 8
1 EDB exploit
NA
CVE-2007-1548
SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums prior to 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote malicious users to execute arbitrary SQL commands via \"' (backslash double-q...
Webwizguide Web Wiz Forums 7.95
Webwizguide Web Wiz Forums 6
Webwizguide Web Wiz Forums 7.92
Webwizguide Web Wiz Forums 6.34
Webwizguide Web Wiz Forums 6.21
Webwizguide Web Wiz Forums 6.32
Webwizguide Web Wiz Forums 6.27
Webwizguide Web Wiz Forums 8.03
Webwizguide Web Wiz Forums 8.04
Webwizguide Web Wiz Forums 7
Webwizguide Web Wiz Forums 6.29
Webwizguide Web Wiz Forums 6.22
Webwizguide Web Wiz Forums 6.20
Webwizguide Web Wiz Forums 6.11
Webwizguide Web Wiz Forums 6.28
Webwizguide Web Wiz Forums 8
Webwizguide Web Wiz Forums 8.0
Webwizguide Web Wiz Forums 6.23
Webwizguide Web Wiz Forums 7.51
Webwizguide Web Wiz Forums 6.24
Webwizguide Web Wiz Forums 8.01
Webwizguide Web Wiz Forums 7.7
1 EDB exploit
NA
CVE-2007-1948
Buffer overflow in IrfanView 3.99 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp a...
Irfanview Irfanview 3.99
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »