Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Recent vulnerabilities and exploits

NA
CVE-2022-38149
HashiCorp Consul Template through 0.29.1 inserts Sensitive Information into a Log File....
NA
CVE-2022-36190
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242....
NA
CVE-2022-36186
A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1....
NA
CVE-2021-45454
Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of power telemetry via HWmon....
NA
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue....
10
CVSSv3
CVE-2020-6364
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise...
Sap Introscope Enterprise Manager 9.7Sap Introscope Enterprise Manager 10.1Sap Introscope Enterprise Manager 10.5Sap Introscope Enterprise Manager 10.7
8.8
CVSSv3
CVE-2016-5314
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the...
Libtiff LibtiffOpensuse Opensuse 13.2Opensuse Opensuse 13.1Opensuse Leap 42.1Redhat Enterprise Linux 7.0Redhat Enterprise Linux 6.0Debian Debian Linux 9.0Debian Debian Linux 8.0
NA
CVE-2022-2871
Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7....
8.8
CVSSv3
CVE-2021-40420
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick...
Foxit Pdf Reader 11.1.0.52543
9.8
CVSSv3
CVE-2018-1285
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files....
Apache Log4netFedoraproject Fedora 30Fedoraproject Fedora 31Fedoraproject Fedora 32Oracle Application Testing Suite 13.3.0.1Oracle Hospitality Simphony 19.1.3Oracle Hospitality Simphony 18.2.7.2Oracle Hospitality Opera 5 5.5Oracle Hospitality Opera 5 5.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-30216administrator privilegesreflected XSSCVE-2022-35011CVE-2022-34713CVE-2022-35009CVE-2022-35479CVE-2022-1410authentication bypass
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook