Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4098
Tor prior to 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.
Tor Tor 0.1.0.10
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.1.20
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.23
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.0.18
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.1.2.14
NA
CVE-2007-4099
Tor prior to 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.
Tor Tor 0.1.0.10
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.0.18
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.2.14
NA
CVE-2007-3165
Tor prior to 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.
Tor Tor 0.0.9.2
Tor Tor 0.0.9.3
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.0.9.1
Tor Tor 0.0.9.10
Tor Tor 0.0.9.8
Tor Tor 0.0.9.9
Tor Tor 0.1.0.10
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.0.9.4
Tor Tor 0.0.9.5
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.0.9
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
NA
CVE-2007-0246
plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 prior to 20070524, aka gforge-plugin-scmcvs, allows remote malicious users to execute arbitrary commands via shell metacharacters in the PATH_INFO.
Gforge Gforge
NA
CVE-2007-1381
The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent malicious users to execute arbitrary co...
Php Php 5.0.0
1 EDB exploit
NA
CVE-2007-1287
A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote malicious users to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3...
Php Php 4.4.6
Php Php 6.0
Php Php 4.4.4
Php Php 4.4.5
1 EDB exploit
NA
CVE-2006-7075
Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and previous versions, and CVS 0.193.2 and previous versions, allows user-assisted malicious users to execute arbitrary code via a long Vorbis comment in a Free Lossless Audio Codec (FLAC) file...
Aqualung Aqualung 0.9 Beta5
NA
CVE-2006-6386
Cross-site scripting (XSS) vulnerability in the CVS management/tracker 4.7.x-1.0, 4.7.x-2.0, and 4.7.0 (before the 20060807 contribution release system) for Drupal allows remote malicious users to inject arbitrary web script or HTML via the motivation field in the CVS application...
Drupal Cvs Management And Tracker 4.7 1.0
Drupal Cvs Management And Tracker 4.7 2.0
NA
CVE-2006-6226
Multiple format string vulnerabilities in NeoEngine 0.8.2 and previous versions, and CVS 3422, allow remote malicious users to cause a denial of service and possibly execute arbitrary code via (1) Console::Render in neoengine/console.cpp and (2) TextArea::Render in neowtk/textare...
Neoengine Neoengine 0.8.2
NA
CVE-2006-6227
The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and previous versions, and CVS 3422, allow remote malicious users to cause a denial of service (engine crash) via a message with a large uiMessageLength that produces a failed memory allocation and a null pointer d...
Neoengine Neoengine 0.8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »