Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nicolas gregoire vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0250
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x prior to 1.8 allows remote malicious users to read arbitrary files or cause a denial of service via a crafted SVG file.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Apache Batik
Redhat Jboss Enterprise Brms Platform
2 Github repositories
NA
CVE-2014-0107
The TransformerFactory in Apache Xalan-Java prior to 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote malicious users to bypass expected restrictions and load arbitrary classes or access external resource...
Apache Xalan-java 2.6.0
Apache Xalan-java
Apache Xalan-java 2.0.1
Apache Xalan-java 2.0.0
Apache Xalan-java 2.5.1
Apache Xalan-java 2.5.0
Apache Xalan-java 2.4.1
Apache Xalan-java 2.1.0
Apache Xalan-java 2.7.0
Apache Xalan-java 2.5.2
Apache Xalan-java 2.2.0
Apache Xalan-java 2.4.0
Apache Xalan-java 1.0.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 7.6.2
NA
CVE-2012-6139
libxslt prior to 1.1.28 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functio...
Xmlsoft Libxslt 1.1.21
Xmlsoft Libxslt 1.1.20
Xmlsoft Libxslt 1.1.13
Xmlsoft Libxslt 1.1.12
Xmlsoft Libxslt 1.1.11
Xmlsoft Libxslt 1.1.4
Xmlsoft Libxslt 1.1.3
Xmlsoft Libxslt 1.0.30
Xmlsoft Libxslt 1.0.29
Xmlsoft Libxslt 1.0.21
Xmlsoft Libxslt 1.0.20
Xmlsoft Libxslt 1.0.13
Xmlsoft Libxslt 1.0.12
Xmlsoft Libxslt 1.0.5
Xmlsoft Libxslt 1.0.4
Xmlsoft Libxslt 0.11.0
Xmlsoft Libxslt 0.10.0
Xmlsoft Libxslt 0.3.0
Xmlsoft Libxslt 0.2.0
Xmlsoft Libxslt 1.1.25
Xmlsoft Libxslt 1.1.24
Xmlsoft Libxslt 1.1.17
NA
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ prior to 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.
Hp San\\/iq 8.5
Hp San\\/iq 8.1
Hp San\\/iq 8.0
Hp San\\/iq
2 EDB exploits
NA
CVE-2012-4362
hydra.exe in HP SAN/iQ prior to 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote malicious users to obtain access to a management service via a login: request to TCP port 13838.
Hp San\\/iq 9.5
2 EDB exploits
NA
CVE-2012-2986
lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for...
Hp San\\/iq 9.5
2 EDB exploits
NA
CVE-2011-3026
Integer overflow in libpng, as used in Google Chrome prior to 17.0.963.56, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Google Chrome
Apple Iphone Os
Apple Mac Os X 10.6.8
Apple Mac Os X
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server
Opensuse Opensuse 11.4
Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 11
1 Github repository
NA
CVE-2012-0452
Use-after-free vulnerability in Mozilla Firefox 10.x prior to 10.0.1, Thunderbird 10.x prior to 10.0.1, and SeaMonkey 2.7 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBL...
Mozilla Firefox 10.0
Mozilla Thunderbird 10.0
Mozilla Seamonkey 2.7
NA
CVE-2011-3659
Use-after-free vulnerability in Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 might allow remote malicious users to execute arbitrary code via vectors related to incorrect A...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
1 EDB exploit
1 Github repository
NA
CVE-2011-3670
Mozilla Firefox prior to 3.6.26 and 4.x up to and including 6.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 6.0, and SeaMonkey prior to 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote malicious users to obtain sensitive information by...
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.17
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.18
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.1
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »