Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drew vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0784
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 19.0, Thunderbird prior to 17.0.3, and SeaMonkey prior to 2.16 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
NA
CVE-2013-0765
Mozilla Firefox prior to 19.0, Thunderbird prior to 17.0.3, and SeaMonkey prior to 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote malicious users to bypass intended access restrictions via unspecified vectors.
Mozilla Firefox
Mozilla Seamonkey
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
NA
CVE-2011-4815
Ruby (aka CRuby) prior to 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted input to an application that maintains a has...
Ruby-lang Ruby 1.8.7-p334
Ruby-lang Ruby 1.8.7-p330
Ruby-lang Ruby 1.8.7-p302
Ruby-lang Ruby 1.8.7-p299
Ruby-lang Ruby
NA
CVE-2011-2686
Ruby prior to 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
NA
CVE-2011-2705
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby prior to 1.8.7-p352 and 1.9.x prior to 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent malicious users to predict the result string by leveraging knowledge of ran...
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-248
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.2-p180
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.2-p136
Ruby-lang Ruby 1.9.0-20060415
NA
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and previous versions, as used on Apple Mac OS X prior to 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent malicious users to execute arbitrary code or ...
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-2
NA
CVE-2011-1005
The safe-level feature in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, and 1.8.8dev allows context-dependent malicious users to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.8.6-420
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.6
NA
CVE-2011-1004
The FileUtils.remove_entry_secure method in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, 1.8.8dev, 1.9.1 up to and including 1.9.1-430, 1.9.2 up to and including 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink a...
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.9.1
NA
CVE-2010-0541
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 prior to 10.6.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
Apple Mac Os X 10.6.2
Apple Mac Os X Server 10.6.0
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.1
Apple Mac Os X Server 10.6.3
Apple Mac Os X 10.6.3
Apple Mac Os X Server 10.5.8
Apple Mac Os X 10.5.8
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
NA
CVE-2009-3606
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf prior to 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote malicious users to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
Foolabs Xpdf 3.02pl1
Foolabs Xpdf 3.02pl2
Foolabs Xpdf 3.02pl3
Glyphandcog Xpdfreader 3.00
Glyphandcog Xpdfreader 3.01
Glyphandcog Xpdfreader 3.02
Poppler Poppler 0.1
Poppler Poppler 0.1.1
Poppler Poppler 0.1.2
Poppler Poppler 0.2.0
Poppler Poppler 0.3.0
Poppler Poppler 0.3.1
Poppler Poppler 0.3.2
Poppler Poppler 0.3.3
Poppler Poppler 0.4.0
Poppler Poppler 0.4.1
Poppler Poppler 0.4.2
Poppler Poppler 0.4.3
Poppler Poppler 0.4.4
Poppler Poppler 0.5.0
Poppler Poppler 0.5.1
Poppler Poppler 0.5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »