Vulmon
dhiraj mishra vulnerabilities and exploits
7.8
CVSSv3
CVE-2019-3500
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
Aria2 Project Aria2 1.33.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
5.5
CVSSv3
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local malicious user to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
Supra Stv-lc40lt0020f Firmware -
1 EDB exploit
2 Articles
8.8
CVSSv3
CVE-2019-6498
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
Labapart Gattlib 0.2
1 EDB exploit
6.5
CVSSv3
CVE-2017-15084
The web UI in Rapid7 Metasploit prior to 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
Rapid7 Metasploit
1 EDB exploit
7.8
CVSSv3
CVE-2019-10038
Evernote 7.9 on macOS allows malicious users to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
Evernote Evernote 7.9
1 EDB exploit
6.5
CVSSv3
CVE-2017-1130
IBM Notes 8.5 and 9.0 are vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes, which would cause the client to hang and have to be restarted. IBM X-Force ID: 121371.
Ibm Inotes 8.5.3.0
Ibm Inotes 8.5.3.1
Ibm Inotes 8.5.3.6
Ibm Inotes 9.0.0.0
Ibm Inotes 8.5.1.5
Ibm Inotes 8.5.2.1
Ibm Inotes 9.0.1.1
Ibm Inotes 8.5.0.0
Ibm Inotes 8.5.1.0
Ibm Inotes 8.5.1.1
Ibm Inotes 8.5.2.0
Ibm Inotes 8.5.2.4
Ibm Inotes 9.0.1.0
Ibm Inotes 9.0.1.8
1 EDB exploit
6.5
CVSSv3
CVE-2017-1129
IBM Notes 8.5 and 9.0 are vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.
Ibm Inotes 8.5.2.1
Ibm Inotes 8.5.2.4
Ibm Inotes 8.5.3.0
Ibm Inotes 8.5.3.1
Ibm Inotes 8.5.1.1
Ibm Inotes 8.5.2.0
Ibm Inotes 8.5.3.6
Ibm Inotes 9.0.1.0
Ibm Inotes 9.0.1.8
Ibm Inotes 8.5.0.0
Ibm Inotes 8.5.1.0
Ibm Inotes 8.5.1.5
Ibm Inotes 9.0.0.0
Ibm Inotes 9.0.1.1
Ibm Expeditor 6.2.1
Ibm Expeditor 6.2.3
Ibm Expeditor 6.2.2
2 EDB exploits
8.8
CVSSv3
CVE-2017-6328
The Symantec Messaging Gateway prior to 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user t...
Symantec Message Gateway
1 EDB exploit
9.8
CVSSv3
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
6.1
CVSSv3
CVE-2019-0186
The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Mitigation: uninstall the ChatRoomDemo war file, or migrate to version 3.1.0 of the chat-room-demo war file.
Apache Pluto 3.0.0
Apache Pluto 3.0.1