Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darwin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24787
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
1 Github repository
7.5
CVSSv3
CVE-2022-1642
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the ...
Apple Swift
7.5
CVSSv3
CVE-2022-29218
RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious...
Rubygems Rubygems.org -
6.1
CVSSv3
CVE-2021-25984
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.3 to v1.8.30, are vulnerable to stored Cross-Site Scripting (XSS) at the “post reply” section. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies.
Darwin Factor
6.1
CVSSv3
CVE-2021-25982
In Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session co...
Darwin Factor
6.1
CVSSv3
CVE-2021-25983
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.8 to v1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “tags” and “category” parameters in the URL. An unauthenticated attacker can execute malicious JavaScript c...
Darwin Factor
9.8
CVSSv3
CVE-2021-25985
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration t...
Darwin Factor
NA
CVE-2008-1146
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 up to and including 4.2, allows remote malicious users to guess sensitive values such as DNS transaction IDs by observing a sequenc...
Darwin Darwin 9.1
Navision Financials Server 3.0
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
NA
CVE-2008-1147
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 up to and including 3.4, Mac OS X 10 up to and including 10.5.1, FreeBSD 4.4 up to and including 7.0, and DragonFlyBSD 1.0 up to an...
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
Darwin Darwin 9.1
Navision Financials Server 3.0
NA
CVE-2008-1148
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 up to and including 4.2 and NetBSD 1.6.2 up to and including 4.0, allows remote malicious users to guess sensitive values such as (1) ...
Cosmicperl Directory Pro 10.0.3
Navision Financials Server 3.0
Darwin Darwin 1.0
Darwin Darwin 9.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »