Vulmon
CRLF vulnerabilities and exploits
VMScore: 1000
CVE-2008-0671
Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote malicious users to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.
Tintin Tintin++ 1.97.9
Tintin Wintin++ 1.97.9
1 EDB exploit
VMScore: 1000
CVE-2003-0101
miniserv.pl in (1) Webmin prior to 1.070 and (2) Usermin prior to 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote malicious users to spoof a session ID and gai...
Usermin Usermin 0.6
Usermin Usermin 0.7
Usermin Usermin 0.96
Usermin Usermin 0.97
Usermin Usermin 0.4
Usermin Usermin 0.5
Usermin Usermin 0.93
Usermin Usermin 0.94
Usermin Usermin 0.95
Usermin Usermin 0.8
Usermin Usermin 0.9
Usermin Usermin 0.98
Usermin Usermin 0.99
Engardelinux Guardian Digital Webtool 1.2
Usermin Usermin 0.91
Usermin Usermin 0.92
Webmin Webmin 1.0.50
Webmin Webmin 1.0.60
1 EDB exploit
VMScore: 935
CVE-2008-1770
CRLF injection vulnerability in Akamai Download Manager ActiveX control prior to 2.2.3.6 allows remote malicious users to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.
Akamai Download Manager 2.2.1.0
Akamai Download Manager
Akamai Download Manager 2.0.4.4
Akamai Download Manager 2.2.0.0
1 EDB exploit
VMScore: 915
CVE-2003-0831
ProFTPD 1.2.7 up to and including 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote malicious users to execute arbitrary code via a buffer overflow using certain files.
Proftpd Project Proftpd 1.2.7
Proftpd Project Proftpd 1.2.9 Rc2
Proftpd Project Proftpd 1.2.8 Rc2
Proftpd Project Proftpd 1.2.9 Rc1
Proftpd Project Proftpd 1.2.7 Rc1
Proftpd Project Proftpd 1.2.7 Rc2
Proftpd Project Proftpd 1.2.7 Rc3
Proftpd Project Proftpd 1.2.8
Proftpd Project Proftpd 1.2.8 Rc1
3 EDB exploits
VMScore: 890
CVE-2011-2998
Integer underflow in Mozilla Firefox 3.6.x prior to 3.6.23 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.22
VMScore: 890
CVE-2011-2995
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 3.6.23 and 4.x through 6, Thunderbird prior to 7.0, and SeaMonkey prior to 2.4 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly ex...
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.21
Mozilla Firefox
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.16
Mozilla Firefox 4.0.1
VMScore: 890
CVE-2008-4283
CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and previous 5.1.x versions allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Ibm Websphere Application Server 5.1.1.12
Ibm Websphere Application Server 5.1.1.14
Ibm Websphere Application Server 5.1.1.8
Ibm Websphere Application Server 5.1.1.9
Ibm Websphere Application Server 5.1.0.2
Ibm Websphere Application Server 5.1.0
Ibm Websphere Application Server 5.0.2.7
Ibm Websphere Application Server 5.0.2.6
Ibm Websphere Application Server 5.0.2.13
Ibm Websphere Application Server 5.0.2.14
Ibm Websphere Application Server 5.0.2
Ibm Websphere Application Server
Ibm Websphere Application Server 5.1.1.15
Ibm Websphere Application Server 5.1.1.18
Ibm Websphere Application Server 5.1.1.5
Ibm Websphere Application Server 5.1.1
Ibm Websphere Application Server 5.1.0.5
Ibm Websphere Application Server 5.0
Ibm Websphere Application Server 5.1.1.11
Ibm Websphere Application Server 5.0.2.3
Ibm Websphere Application Server 5.0.2.2
Ibm Websphere Application Server 5.0.2.12
VMScore: 890
CVE-2007-3208
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote malicious users to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
Yabb Yabb 2.1
VMScore: 890
CVE-2002-2218
CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) prior to 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key ...
Sips Sips
VMScore: 829
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS before 62.0.3202.74 allowed a remote malicious user to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
Google Chrome Os