Vulmon
answer vulnerabilities and exploits
8
CVSSv3
CVE-2021-24914
The Tawk.To Live Chat WordPress plugin prior to 0.6.0 does not have capability and CSRF checks in the tawkto_setwidget and tawkto_removewidget AJAX actions, available to any authenticated user. The first one allows low-privileged users (including simple subscribers) to change the...
Tawk Tawk.to Live Chat
8
CVSSv3
CVE-2020-8860
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target m...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
7.5
CVSSv3
CVE-2023-2911
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This is...
Isc Bind
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Active Iq Unified Manager -
Netapp H700s Firmware -
Netapp H300s Firmware -
Netapp H410c Firmware -
Netapp H410s Firmware -
Netapp H500s Firmware -
7.5
CVSSv3
CVE-2023-31137
MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows a malicious user to cause a Denial of Service by triggering an abno...
Maradns Maradns
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-3924
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase i...
Isc Bind 9.16.13
Isc Bind 9.16.21
Isc Bind 9.16.32
Isc Bind 9.16.14
Isc Bind
Isc Bind 9.16.36
Isc Bind 9.16.12
7.5
CVSSv3
CVE-2022-3488
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject...
Isc Bind 9.16.8
Isc Bind 9.11.37
Isc Bind 9.16.36
Isc Bind 9.11.4
7.5
CVSSv3
CVE-2022-3736
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 up to and including 9.16.36, 9.18.0 up to and includin...
Isc Bind 9.16.11
Isc Bind 9.16.13
Isc Bind 9.16.21
Isc Bind 9.16.32
Isc Bind 9.16.14
Isc Bind
Isc Bind 9.16.36
7.5
CVSSv3
CVE-2022-48256
Technitium DNS Server prior to 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.
Technitium Dns Server
1 Github repository
7.5
CVSSv3
CVE-2022-3204
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack star...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-3080
By sending specific queries to the resolver, an attacker can cause named to crash.
Isc Bind 9.16.21
Isc Bind
Isc Bind 9.16.32
Isc Bind 9.16.14
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37