Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon link project amazon link vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1645
The Amazon Link WordPress plugin up to and including 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Amazon Link Project Amazon Link
6.4
CVSSv2
CVE-2011-3188
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel prior to 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote malicious users to cause a denial of service (disrupted networking) or hijack ...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
F5 Enterprise Manager 3.0.0
F5 Firepass 7.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Application Security Manager
F5 Firepass
F5 Arx
F5 Enterprise Manager
F5 Big-ip Analytics
5
CVSSv2
CVE-2015-4646
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote malicious users to cause a denial of service (application crash) via a crafted input.
Squashfs Project Squashfs
3.6
CVSSv2
CVE-2017-15111
keycloak-httpd-client-install versions prior to 0.8 insecurely creates temporary file allowing local malicious users to overwrite other files via symbolic link.
Keycloak-httpd-client-install Project Keycloak-httpd-client-install
3.6
CVSSv2
CVE-2014-2277
The make_temporary_filename function in perltidy 20120701-1 and previous versions allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.
Perltidy Project Perltidy
4.3
CVSSv2
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote malicious users to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
Squashfs Project Squashfs
Fedoraproject Fedora 21
Fedoraproject Fedora 22
5.8
CVSSv2
CVE-2021-41072
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs ...
Squashfs-tools Project Squashfs-tools 4.5
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2.1
CVSSv2
CVE-2017-15112
keycloak-httpd-client-install versions prior to 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users.
Keycloak-httpd-client-install Project Keycloak-httpd-client-install
6.9
CVSSv2
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and previous versions is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo
1 EDB exploit
4 Github repositories
5.8
CVSSv2
CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing...
Squashfs-tools Project Squashfs-tools 4.5
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »