Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Recent vulnerabilities and exploits

7.6
CVSSv3
CVE-2020-25647
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to...
Gnu Grub2Redhat Enterprise Linux Server Aus 7.2Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Eus 8.1Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Server Tus 8.2Fedoraproject Fedora 33Fedoraproject Fedora 34Netapp Ontap Select Deploy Administration Utility -
6.7
CVSSv3
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a...
Gnu Grub2Redhat Enterprise Linux Server Aus 7.2Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Eus 8.1Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Server Tus 8.2Fedoraproject Fedora 33Fedoraproject Fedora 34Netapp Ontap Select Deploy Administration Utility -
7.5
CVSSv3
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the...
Gnu Grub2Redhat Enterprise Linux Server Aus 7.2Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Server Eus 8.1Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Fedoraproject Fedora 33Fedoraproject Fedora 34Netapp Cloud Backup -Netapp Ontap Select Deploy Administration Utility -
6.7
CVSSv3
CVE-2021-20225
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data...
Gnu Grub2Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.2Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Eus 8.1Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Workstation 7.0Fedoraproject Fedora 33Fedoraproject Fedora 34Netapp Ontap Select Deploy Administration Utility -
8.2
CVSSv3
CVE-2021-20233
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to...
Gnu Grub2Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.2Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Eus 8.1Redhat Enterprise Linux Server Tus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Workstation 7.0Fedoraproject Fedora 33Fedoraproject Fedora 34Netapp Ontap Select Deploy Administration Utility -
6.4
CVSSv3
CVE-2020-14308
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and...
Gnu Grub2Opensuse Leap 15.1Opensuse Leap 15.2
NA
CVE-2022-35117
Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via update_medicine_details.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text...
NA
CVE-2022-2849
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0219....
NA
CVE-2022-38392
A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video....
9.8
CVSSv3
CVE-2019-10692
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement....
Codecabin Wp Google Maps
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-30216administrator privilegesreflected XSSCVE-2022-35011CVE-2022-34713CVE-2022-35009CVE-2022-35479CVE-2022-1410authentication bypass
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook