Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alex vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-32569
In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulner...
Ericsson Operations Support System-radio And Core Firmware
383
VMScore
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly prior to 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote malicious users to bypass authentication via an empty password.
Openstack Keystone
445
VMScore
CVE-2007-1349
PerlRun.pm in Apache mod_perl prior to 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted URI.
Apache Mod Perl
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Redhat Satellite 5.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 4.5
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
668
VMScore
CVE-2014-2892
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms prior to 0.6.4 allows remote malicious users to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
Libmms Project Libmms
Libmms Project Libmms 0.6.2
Libmms Project Libmms 0.6.1
Libmms Project Libmms 0.6
605
VMScore
CVE-2019-18397
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi up to and including 1.0.7 allows an malicious user to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this ...
Gnu Fribidi
Debian Debian Linux 10.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
383
VMScore
CVE-2020-35730
An XSS issue exists in Roundcube Webmail prior to 1.2.13, 1.3.x prior to 1.3.16, and 1.4.x prior to 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
Roundcube Webmail
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
1 Github repository
2 Articles
668
VMScore
CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and previous versions allow remote malicious users to gain privileges via a crafted e-mail message.
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.86
Clam Anti-virus Clamav 0.85
605
VMScore
CVE-2015-5400
Squid prior to 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote malicious users to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
Fedoraproject Fedora 22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Squid-cache Squid
445
VMScore
CVE-2005-2794
store.c in Squid 2.5.STABLE10 and previous versions allows remote malicious users to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
Squid Squid 2.0.release
Squid Squid 2.1.patch1
Squid Squid 2.2.devel4
Squid Squid 2.2.pre1
Squid Squid 2.3.devel3
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
Squid Squid 2.2.pre2
Squid Squid 2.2.stable1
Squid Squid 2.2.stable2
Squid Squid 2.3.stable2
Squid Squid 2.3.stable3
Squid Squid 2.4.stable6
Squid Squid 2.4.stable7
Squid Squid 2.5.stable7
Squid Squid 2.5.stable8
Squid Squid 2.0.patch1
Squid Squid 2.1.pre3
Squid Squid 2.1.pre4
Squid Squid 2.2.stable3
Squid Squid 2.2.stable4
Squid Squid 2.3.stable4
445
VMScore
CVE-2005-2796
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and previous versions allows remote malicious users to cause a denial of service (segmentation fault) via certain crafted requests.
Squid Squid 2.0 Patch2
Squid Squid 2.1.patch1
Squid Squid 2.2.devel3
Squid Squid 2.2.devel4
Squid Squid 2.3.devel2
Squid Squid 2.3.devel3
Squid Squid 2.3 .stable5
Squid Squid 2.3 Stable5
Squid Squid 2.4.stable7
Squid Squid 2.4 .stable2
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.5 .stable3
Squid Squid 2.5 .stable4
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
Squid Squid 2.2.pre1
Squid Squid 2.2.pre2
Squid Squid 2.3.stable1
Squid Squid 2.3.stable2
Squid Squid 2.4
Squid Squid 2.4.stable1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »