Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darwin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24787
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
1 Github repository
5
CVSSv2
CVE-2022-1642
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the ...
Apple Swift
5
CVSSv2
CVE-2022-29218
RubyGems is a package registry used to supply software for the Ruby language ecosystem. An ordering mistake in the code that accepts gem uploads allowed some gems (with platforms ending in numbers, like `arm64-darwin-21`) to be temporarily replaced in the CDN cache by a malicious...
Rubygems Rubygems.org -
4.3
CVSSv2
CVE-2021-25982
In Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session co...
Darwin Factor
4.3
CVSSv2
CVE-2021-25983
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.8 to v1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “tags” and “category” parameters in the URL. An unauthenticated attacker can execute malicious JavaScript c...
Darwin Factor
4.3
CVSSv2
CVE-2021-25984
In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.3 to v1.8.30, are vulnerable to stored Cross-Site Scripting (XSS) at the “post reply” section. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies.
Darwin Factor
7.5
CVSSv2
CVE-2021-25985
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration t...
Darwin Factor
6.8
CVSSv2
CVE-2008-1146
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 up to and including 4.2, allows remote malicious users to guess sensitive values such as DNS transaction IDs by observing a sequenc...
Darwin Darwin 9.1
Navision Financials Server 3.0
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
6.8
CVSSv2
CVE-2008-1147
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 up to and including 3.4, Mac OS X 10 up to and including 10.5.1, FreeBSD 4.4 up to and including 7.0, and DragonFlyBSD 1.0 up to an...
Cosmicperl Directory Pro 10.0.3
Darwin Darwin 1.0
Darwin Darwin 9.1
Navision Financials Server 3.0
6.8
CVSSv2
CVE-2008-1148
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 up to and including 4.2 and NetBSD 1.6.2 up to and including 4.0, allows remote malicious users to guess sensitive values such as (1) ...
Cosmicperl Directory Pro 10.0.3
Navision Financials Server 3.0
Darwin Darwin 1.0
Darwin Darwin 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »