Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
NA
CVE-2021-22873
[REVIVE-SA-2021-001] Revive Adserver Vulnerabilities...
NA
CVE-2020-20269
CVE-2020-20269 - Caret Editor v4.0.0-rc21 Remote Code Execution...
NA
CVE-2021-22872
[REVIVE-SA-2021-001] Revive Adserver Vulnerabilities...
NA
CVE-2021-22871
[REVIVE-SA-2021-001] Revive Adserver Vulnerabilities...
4.3
CVSSv2
CVE-2020-8960
Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS....
Westerndigital Mycloud.com
1 Github repository available
3.5
CVSSv2
CVE-2019-12417
A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process....
Apache Airflow
1 Github repository available
7.5
CVSSv2
CVE-2020-8147
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend....
Utils-extend Project Utils-extend
3 Github repositories available
NA
CVE-2021-21259
HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode. Depending on the...
6.4
CVSSv2
CVE-2020-26259
XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights. All versions until and including version 1.4.14 are affected running in a Java environment containing the JAX-WS runtime, if using the...
Xstream Project Xstream
6 Github repositories available
7.2
CVSSv2
CVE-2020-3367
A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to...
Cisco Asyncos
1 Article available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-3691
insecure direct object reference
CVE-2021-1140
CVE-2021-2109
information disclosure
CVE-2021-1303
CVE-2021-1304
IDOR
CVE-2020-14882
« PREV
1
2
3
4
5
6
7
8
9
10
11
NEXT »