Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-24620
An issue exists in Esoteric YamlBeans up to and including 1.15. A crafted YAML document is able perform am XML Entity Expansion attack against YamlBeans YamlReader. By exploiting the Anchor feature in YAML, it is possible to generate a small YAML document that, when read, is expa...
Esotericsoftware Yamlbeans
6.5
CVSSv3
CVE-2017-7844
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox ...
Mozilla Firefox
5.4
CVSSv3
CVE-2022-23637
K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor li...
K-link K-box
NA
CVE-2012-5553
Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu module 6.x-1.x prior to 6.x-1.44 and 7.x-1.x prior to 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the ...
Daniel Honrade Om Maximenu 6.x-1.40
Daniel Honrade Om Maximenu 6.x-1.39
Daniel Honrade Om Maximenu 6.x-1.38
Daniel Honrade Om Maximenu 6.x-1.37
Daniel Honrade Om Maximenu 6.x-1.24
Daniel Honrade Om Maximenu 6.x-1.23
Daniel Honrade Om Maximenu 6.x-1.22
Daniel Honrade Om Maximenu 6.x-1.21
Daniel Honrade Om Maximenu 6.x-1.20
Daniel Honrade Om Maximenu 6.x-1.7
Daniel Honrade Om Maximenu 6.x-1.6
Daniel Honrade Om Maximenu 6.x-1.5
Daniel Honrade Om Maximenu 6.x-1.4
Daniel Honrade Om Maximenu 7.x-1.42
Daniel Honrade Om Maximenu 7.x-1.41
Daniel Honrade Om Maximenu 7.x-1.40
Daniel Honrade Om Maximenu 7.x-1.39
Daniel Honrade Om Maximenu 7.x-1.26
Daniel Honrade Om Maximenu 7.x-1.25
Daniel Honrade Om Maximenu 7.x-1.24
Daniel Honrade Om Maximenu 7.x-1.23
Daniel Honrade Om Maximenu 7.x-1.22
NA
CVE-2024-1999
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's anchor style parameter in all versions up to, and including, 3.2.25 due to insufficient input sanitization and ...
5.3
CVSSv3
CVE-2018-6922
One of the data structures that holds TCP segments in all versions of FreeBSD before 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number...
Freebsd Freebsd 10.4
Freebsd Freebsd 11.1
Freebsd Freebsd 11.2
NA
CVE-2006-0799
Microsoft Internet Explorer allows remote malicious users to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT subm...
Microsoft Internet Explorer 6.0.2900
NA
CVE-2004-1104
Microsoft Internet Explorer 6.0 SP2 allows remote malicious users to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href&q...
Microsoft Ie 6.0
1 EDB exploit
NA
CVE-2008-2640
Multiple cross-site scripting (XSS) vulnerabilities in the Flex 3 History Management feature in Adobe Flex 3.0.1 SDK and Flex Builder 3, and generated applications, allow remote malicious users to inject arbitrary web script or HTML via the anchor identifier to (1) client-side-de...
Adobe Flex Builder 3
Adobe Flex 3.0.1
5.9
CVSSv3
CVE-2017-17428
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote malicious users to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Cavium Octeon Sdk
Cavium Nitrox V Ssl Sdk
Cavium Nitrox Ssl Sdk
Cavium Octeon Ssl Sdk
Cavium Turbossl Sdk
Cisco Webex Meetings T31
Cisco Webex Conect Im 7.24.1
Cisco Webex Meetings T32
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Adaptive Security Appliance 5520 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5540 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5550 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5510 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5505 Firmware 9.1\\(7.16\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »