Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0806
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox prior to 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote malicious users ...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2015-0802
Mozilla Firefox prior to 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via certain content navigation that lever...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2019-6475
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via tr...
Isc Bind
7.5
CVSSv3
CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
3 Github repositories
6.1
CVSSv3
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
Broadcom Brocade Fabric Operating System -
Oracle Sd-wan Aware 8.2
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
1 Github repository
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
174 Github repositories
7 Articles
7
CVSSv3
CVE-2022-48689
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other l...
Linux Linux Kernel
NA
CVE-2007-0045
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin prior to 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x prior to 7.1.4, 8.x prior to 8.1.7, and 9.x prior to 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Ch...
Adobe Acrobat 7.0.2
Adobe Acrobat 7.0.6
Adobe Acrobat 7.0.7
Adobe Acrobat Reader 6.0
Adobe Acrobat Reader 6.0.1
Adobe Acrobat Reader 7.0.2
Adobe Acrobat Reader 7.0.3
Adobe Acrobat 7.0.4
Adobe Acrobat 7.0.8
Adobe Acrobat 7.0
Adobe Acrobat Reader 6.0.4
Adobe Acrobat Reader 6.0.5
Adobe Acrobat Reader 7.0.6
Adobe Acrobat Reader 7.0.7
Adobe Acrobat 7.0.3
Adobe Acrobat Reader 6.0.2
Adobe Acrobat Reader 6.0.3
Adobe Acrobat Reader 7.0.4
Adobe Acrobat Reader 7.0.5
Adobe Acrobat 7.0.1
Adobe Acrobat 7.0.5
Adobe Acrobat 3d
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »