Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client side vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2022-32962
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.
Hinet Hicos Natural Person Credential Component Client 3.1.0.00002
Hinet Hicos Natural Person Credential Component Client 3.0.3.30306
Hinet Hicos Natural Person Credential Component Client 3.0.3.30404
6.8
CVSSv3
CVE-2022-32959
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute a...
Hinet Hicos Natural Person Credential Component Client 3.1.0.00002
Hinet Hicos Natural Person Credential Component Client 3.0.3.30306
Hinet Hicos Natural Person Credential Component Client 3.0.3.30404
6.8
CVSSv3
CVE-2022-32960
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbi...
Hinet Hicos Natural Person Credential Component Client 3.1.0.00002
Hinet Hicos Natural Person Credential Component Client 3.0.3.30306
Hinet Hicos Natural Person Credential Component Client 3.0.3.30404
6.8
CVSSv3
CVE-2022-32961
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execut...
Hinet Hicos Natural Person Credential Component Client 3.1.0.00002
Hinet Hicos Natural Person Credential Component Client 3.0.3.30306
Hinet Hicos Natural Person Credential Component Client 3.0.3.30404
8.1
CVSSv3
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software ...
Sophos Ipsec Client 11.04
Ncp-e Ncp Secure Entry Client 10.11
NA
CVE-2015-4456
ownCloud Desktop Client prior to 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle malicious users to bypass the user's certificate distrust decision and obtain sensitive information by leveraging a self-...
Owncloud Owncloud Desktop Client
7.8
CVSSv3
CVE-2017-6669
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch t...
Cisco Webex Advanced Recording Format Player 29.10
7.3
CVSSv3
CVE-2021-22573
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token wil...
Google Oauth Client Library For Java
1 Github repository
8.8
CVSSv3
CVE-2017-9133
An issue exists on Mimosa Client Radios prior to 2.2.3 and Mimosa Backhaul Radios prior to 2.2.3. In the device's web interface, after logging in, there is a page that allows you to ping other hosts from the device and view the results. The user is allowed to specify which h...
Mimosa Backhaul Radios
Mimosa Client Radios
9.1
CVSSv3
CVE-2020-7692
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that w...
Google Oauth Client Library For Java
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »