Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alex vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-2161
XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows malicious users to trigger invalid or spoofed Swift responses via an account name.
Opensuse Opensuse 12.3
Openstack Grizzly -
Openstack Folsom -
Openstack Havana -
6.8
CVSSv2
CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote malicious users to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.4.5004
Cisco Anyconnect Secure Mobility Client 2.4.7030
Cisco Anyconnect Secure Mobility Client 2.4.7073
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.5.3054
Cisco Anyconnect Secure Mobility Client 2.5.3055
Cisco Anyconnect Secure Mobility Client 2.5.5112
Cisco Anyconnect Secure Mobility Client 2.5.5116
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.4.4004
Cisco Anyconnect Secure Mobility Client 2.5.1025
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.5118
Cisco Anyconnect Secure Mobility Client 2.5.5130
5
CVSSv2
CVE-2015-0219
Django prior to 1.4.18, 1.6.x prior to 1.6.10, and 1.7.x prior to 1.7.3 allows remote malicious users to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
Djangoproject Django 1.6.1
Djangoproject Django 1.6.2
Djangoproject Django 1.6.9
Djangoproject Django 1.7
Djangoproject Django 1.6.5
Djangoproject Django 1.6.6
Djangoproject Django
Djangoproject Django 1.6
Djangoproject Django 1.6.7
Djangoproject Django 1.6.8
Djangoproject Django 1.6.3
Djangoproject Django 1.6.4
Djangoproject Django 1.7.1
Djangoproject Django 1.7.2
4.3
CVSSv2
CVE-2015-0220
The django.util.http.is_safe_url function in Django prior to 1.4.18, 1.6.x prior to 1.6.10, and 1.7.x prior to 1.7.3 does not properly handle leading whitespaces, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redir...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Djangoproject Django 1.6.2
Djangoproject Django 1.6.3
Djangoproject Django 1.7
Djangoproject Django 1.7.1
Djangoproject Django
Djangoproject Django 1.6.6
Djangoproject Django 1.6.7
Djangoproject Django 1.6
Djangoproject Django 1.6.1
Djangoproject Django 1.6.8
Djangoproject Django 1.6.9
Djangoproject Django 1.6.4
Djangoproject Django 1.6.5
Djangoproject Django 1.7.2
5
CVSSv2
CVE-2015-0221
The django.views.static.serve view in Django prior to 1.4.18, 1.6.x prior to 1.6.10, and 1.7.x prior to 1.7.3 reads files an entire line at a time, which allows remote malicious users to cause a denial of service (memory consumption) via a long line in a file.
Djangoproject Django 1.6.4
Djangoproject Django 1.6.5
Djangoproject Django 1.7.2
Djangoproject Django 1.6
Djangoproject Django 1.6.1
Djangoproject Django 1.6.8
Djangoproject Django 1.6.9
Djangoproject Django 1.6.2
Djangoproject Django 1.6.3
Djangoproject Django 1.7
Djangoproject Django 1.7.1
Djangoproject Django
Djangoproject Django 1.6.6
Djangoproject Django 1.6.7
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
4
CVSSv2
CVE-2018-14629
A denial of service vulnerability exists in Samba's LDAP server prior to 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Samba Samba
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2021-24105
<p>Depending on configuration of various package managers it is possible for an malicious user to insert a malicious package into a package manager's repository which can be retrieved and used during development, build, and release processes. This insertion could lead ...
Microsoft Package Manager Configurations -
4
CVSSv2
CVE-2018-16851
Samba from version 4.0.0 and prior to 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB...
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4
CVSSv2
CVE-2018-16841
Samba from version 4.3.0 and prior to 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not ma...
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2021-21126
Insufficient policy enforcement in extensions in Google Chrome before 88.0.4324.96 allowed a remote malicious user to bypass site isolation via a crafted Chrome Extension.
Google Chrome
Microsoft Edge Chromium
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »