client side vulnerabilities and exploits
9.3
CVSSv2
CVE-2009-2477
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 prior to 3.5.1 allows remote malicious users to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as orig...
Mozilla Firefox 3.5
4 EDB exploits
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
4.3
CVSSv2
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL prior to 1.0.1s and 1.0.2 prior to 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote malicious users to decryp...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
2 Nmap scripts
4 Github repositories
2 Articles
4.3
CVSSv2
CVE-2017-13099
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
Wolfssl Wolfssl
Siemens Scalance W1750d Firmware
Arubanetworks Instant
10
CVSSv2
CVE-2002-0005
Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote malicious users to execute arbitrary code via a long argument in a game request (AddGame).
Aol Instant Messenger 4.5
Aol Instant Messenger 4.6
Aol Instant Messenger 4.3.2229
Aol Instant Messenger 4.4
Aol Instant Messenger 4.7
Aol Instant Messenger 4.7.2480
Aol Instant Messenger 4.3
Aol Instant Messenger 4.8.2616
1 EDB exploit
10
CVSSv2
CVE-2017-8864
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows a malicious user to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if (!passwordsAreEqual())" test.
Cohuhd 3960hd Firmware -
NA
CVE-2023-42787
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and prior to 7.2.3 and FortiAnalyzer version 7.4.0 and prior to 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client sid...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
7.5
CVSSv2
CVE-2021-43355
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or...
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
Fresenius-kabi Link+ Agilia Firmware
6.8
CVSSv2
CVE-2017-14013
A Client-Side Enforcement of Server-Side Security issue exists in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the user's session only on the client side. This may allow a malicious user to bypass protection mechanisms, ...
Prominent Multiflex M10a Controller Firmware
6.5
CVSSv2
CVE-2019-12421
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hou...
Apache Nifi