Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrew vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-11729
An issue exists in DAViCal Andrew's Web Libraries (AWL) up to and including 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful.
Davical Andrew\\'s Web Libraries
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-11728
An issue exists in DAViCal Andrew's Web Libraries (AWL) up to and including 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.
Davical Andrew\\'s Web Libraries
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2023-30752
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <= 2.0.1 versions.
Gingertech External Videos
NA
CVE-2023-23701
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions.
Web Design Easy Sign Up Project Web Design Easy Sign Up
6.2
CVSSv2
CVE-2013-0313
The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel prior to 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspeci...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 3.4
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
NA
CVE-2024-31376
Cross-Site Request Forgery (CSRF) vulnerability in Andrew Rapps Dashboard To-Do List.This issue affects Dashboard To-Do List: from n/a up to and including 1.3.1.
4.9
CVSSv2
CVE-2013-0290
The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel prior to 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 3.4
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
7.5
CVSSv2
CVE-2015-4517
NetworkUtils.cpp in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 might allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
Mozilla Firefox
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
4.3
CVSSv2
CVE-2015-4519
Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 allow user-assisted remote malicious users to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a T...
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.0
Mozilla Firefox
6.4
CVSSv2
CVE-2015-4520
Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 allow remote malicious users to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »