Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
NA
CVE-2022-38149
HashiCorp Consul Template through 0.29.1 inserts Sensitive Information into a Log File....
NA
CVE-2022-36190
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242....
NA
CVE-2022-36186
A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1....
NA
CVE-2021-45454
Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of power telemetry via HWmon....
NA
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue....
10
CVSSv3
CVE-2020-6364
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise...
Sap Introscope Enterprise Manager 9.7
Sap Introscope Enterprise Manager 10.1
Sap Introscope Enterprise Manager 10.5
Sap Introscope Enterprise Manager 10.7
2 Github repositories available
2 Articles available
8.8
CVSSv3
CVE-2016-5314
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the...
Libtiff Libtiff
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5 Github repositories available
NA
CVE-2022-2871
Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7....
8.8
CVSSv3
CVE-2021-40420
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick...
Foxit Pdf Reader 11.1.0.52543
2 Github repositories available
9.8
CVSSv3
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files....
Apache Log4net
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Application Testing Suite 13.3.0.1
Oracle Hospitality Simphony 19.1.3
Oracle Hospitality Simphony 18.2.7.2
Oracle Hospitality Opera 5 5.5
Oracle Hospitality Opera 5 5.6
4 Github repositories available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-30216
administrator privileges
reflected XSS
CVE-2022-35011
CVE-2022-34713
CVE-2022-35009
CVE-2022-35479
CVE-2022-1410
authentication bypass
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »