Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
giuseppe vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2020-16120
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be ...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
NA
CVE-2009-3522
Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions prior to 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80...
Avast Avast Antivirus Professional 4.8.1351
Avast Avast Antivirus Home 4.8.1351
1 EDB exploit
7.8
CVSSv3
CVE-2014-8347
An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges.
Claris Filemaker Pro 13.03
Claris Filemaker Pro Advanced 12.0.4.0
1 EDB exploit
NA
CVE-2009-3573
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote malicious users to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
Emc Captiva Pixtools Distributed Imaging 2.2
1 EDB exploit
NA
CVE-2007-5923
Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in CA (formerly Computer Associates) eTrust SiteMinder Agent allows remote malicious users to inject arbitrary web script or HTML via the SMAUTHREASON parameter, a different vector than CVE-2005-2204.
Broadcom Etrust Siteminder
1 EDB exploit
NA
CVE-2012-1220
Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated b...
Devincentiis Gazie 5.17
Devincentiis Gazie 5.16
Devincentiis Gazie 5.9
Devincentiis Gazie 5.8
Devincentiis Gazie 5.1
Devincentiis Gazie 5.0
Devincentiis Gazie 4.0.6
Devincentiis Gazie 4.0.5
Devincentiis Gazie 3.0.10
Devincentiis Gazie 3.0.9
Devincentiis Gazie 3.0.2
Devincentiis Gazie 3.0.1
Devincentiis Gazie 2.0.9
Devincentiis Gazie 2.0.8
Devincentiis Gazie 5.15
Devincentiis Gazie 5.14
Devincentiis Gazie 5.7
Devincentiis Gazie 5.6
Devincentiis Gazie 4.0.13
Devincentiis Gazie 4.0.12
Devincentiis Gazie 4.0.4
Devincentiis Gazie 4.0.3
1 EDB exploit
NA
CVE-2014-2880
Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backUrl parameter in a ...
Oracle Identity Manager 11.1.2.1.0
1 EDB exploit
NA
CVE-2010-2039
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative users via an Admin_Users action to index.php. NOTE: some of t...
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 1.6.1
1 EDB exploit
7.8
CVSSv3
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows malicious users to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the ...
Sleuthkit The Sleuth Kit 4.11.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started