Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ascii vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-43843
jsx-slack is a package for building JSON objects for Slack block kit surfaces from JSX. The maintainers found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient tfor protection from a Regular Expression Denial of Service (ReDoS) attack. If an attacker can put a lot ...
Jsx-slack Project Jsx-slack
668
VMScore
CVE-2021-44538
The olm_session_describe function in Matrix libolm prior to 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can co...
Matrix Element
Matrix Javascript Sdk
Matrix Olm
Schildi Schildichat
Cinny Project Cinny
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
570
VMScore
CVE-2020-9044
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys E...
Johnsoncontrols Metasys Application And Data Server
Johnsoncontrols Metasys Extended Application And Data Server
Johnsoncontrols Metasys Lonworks Control Server
Johnsoncontrols Metasys Open Application Server 10.1
Johnsoncontrols Metasys Open Data Server
Johnsoncontrols Metasys System Configuration Tool
Johnsoncontrols Nae55 Firmware 9.0.1
Johnsoncontrols Nae55 Firmware 9.0.2
Johnsoncontrols Nae55 Firmware 9.0.3
Johnsoncontrols Nae55 Firmware 9.0.5
Johnsoncontrols Nae55 Firmware 9.0.6
Johnsoncontrols Nie55 Firmware 9.0.1
Johnsoncontrols Nie55 Firmware 9.0.2
Johnsoncontrols Nie55 Firmware 9.0.3
Johnsoncontrols Nie55 Firmware 9.0.5
Johnsoncontrols Nie55 Firmware 9.0.6
Johnsoncontrols Nie59 Firmware 9.0.1
Johnsoncontrols Nie59 Firmware 9.0.2
Johnsoncontrols Nie59 Firmware 9.0.3
Johnsoncontrols Nie59 Firmware 9.0.5
Johnsoncontrols Nie59 Firmware 9.0.6
Johnsoncontrols Nae85 Firmware
383
VMScore
CVE-2007-1262
Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 up to and including 1.4.9a allow remote malicious users to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets t...
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.9a
294
VMScore
CVE-2010-3316
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) prior to 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on ...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
436
VMScore
CVE-2010-4706
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and previous versions does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that r...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
436
VMScore
CVE-2010-4707
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and previous versions does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
614
VMScore
CVE-2010-3853
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) prior to 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on...
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.1.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.1.1
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.10.0
418
VMScore
CVE-2010-3435
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) prior to 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activ...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
445
VMScore
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »