Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
4.3
CVSSv2
CVE-2020-12418
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0....
NA
CVE-2020-15669
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when aborting an operation. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack...
NA
CVE-2020-26120
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image...
NA
CVE-2020-25869
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki....
NA
CVE-2020-26121
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled...
7.5
CVSSv2
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects...
12 Github repositories available
6.9
CVSSv2
CVE-2014-4943
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket....
2 EDB exploits available
5 Github repositories available
9.3
CVSSv2
CVE-2016-2503
The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067....
2 Articles available
NA
CVE-2106-2504
Linux Kernel Exploitation Pull requests are welcome. Books 2014: "Android Hacker's Handbook" by Joshua J. Drake 2012: "A Guide to Kernel Exploitation: Attacking the Core" by Enrico Perla and Massimiliano Oldani Workshops 2020: "Android Kernel...
1 Github repository available
4.4
CVSSv2
CVE-2016-2059
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a...
2 Github repositories available
2 Articles available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cpanel
LFI
CVE-2020-26101
cross-site scripting
dos
CVE-2020-25223
CVE-2020-1895
CVE-2020-25747
CVE-2020-15802
CVE-2020-25134
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon