Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coresecurity.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-38403
Core Security Technologies Advisory - A remotely exploitable vulnerability was found in the database server core component of IBM SolidDB. Exploitation of this bug does not require authentication and will lead to a remotely triggered denial of service of the database service.
NA
CVE-2009-41483
Core Security Technologies Advisory - DAZ Studio is a 3D figure illustration/animation application released by DAZ 3D Inc. DAZ Studio can be accessed via a scripting language which allows for quite a bit of diversity in tool creation. DAZ Studio does not ask for any confirmation ...
2.6
CVSSv2
CVE-2006-5793
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 up to and including 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent malicious users to cause a denial of service (crash) via malformed sPLT chunks that trigger an...
Greg Roelofs Libpng 1.0.6
Greg Roelofs Libpng 1.0.7
Greg Roelofs Libpng 1.0.8
Greg Roelofs Libpng 1.0.9
Greg Roelofs Libpng 1.2.0
Greg Roelofs Libpng 1.2.1
Greg Roelofs Libpng 1.2.2
Greg Roelofs Libpng 1.2.3
Greg Roelofs Libpng 1.2.4
Greg Roelofs Libpng 1.2.5
Greg Roelofs Libpng 1.2.6
Greg Roelofs Libpng 1.2.7
NA
CVE-2009-09493
Core Security Technologies Advisory - CUPS versions 1.3.9 and below suffer from a handling flaw of the IPP_TAG_UNSUPPORTED tag that allows attackers to cause a remote pre-authentication denial of service.
NA
CVE-2009-11403
Core Security Technologies Advisory - Internet Explorer suffers from a security zone restrictions bypass vulnerability.
NA
CVE-2009-13573
Core Security Technologies Advisory - An HTTP Response Splitting vulnerability has been discovered in Sun Java System Delegated Administrator.
5.4
CVSSv3
CVE-2018-10164
Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated malicious users to inject arbitrary web script or HTML via the implementation of portalPictureUpload functionality. This is...
Tp-link Eap Controller 2.5.4
Tp-link Eap Controller 2.6.0
8.8
CVSSv3
CVE-2018-10166
The web management interface in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows does not have Anti-CSRF tokens in any forms. This would allow an malicious user to submit authenticated requests when an authenticated user browses an attack-contr...
Tp-link Eap Controller 2.5.4
Tp-link Eap Controller 2.6.0
4.3
CVSSv2
CVE-2007-5266
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng prior to 1.0.29 beta1 and 1.2.x prior to 1.2.21 beta1 allows remote malicious users to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being...
Libpng Libpng
4.3
CVSSv2
CVE-2007-5268
pngrtran.c in libpng prior to 1.0.29 and 1.2.x prior to 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote malicious users to cause a denial of service (crash) via a crafted PNG image.
Libpng Libpng
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-0557
injection
adifier system
denial of service
unauthorized
CVE-2024-55591
CVE-2025-0282
CVE-2024-49354
CVE-2025-21651
CVE-2025-21644
ultimate member – user profile, registration, login, member directory, content restriction & membership plugin
eteubert
tduck-platform
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »