Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email-address project email-address vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-3477
The tagDiv Composer WordPress plugin prior to 3.5, required by the Newspaper WordPress theme prior to 12.1 and Newsmag WordPress theme prior to 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated malicious users to login as any user by just kno...
Tagdiv Composer Project Tagdiv Composer
Newsmag Project Newsmag
Newspaper Project Newspaper
8.8
CVSSv3
CVE-2021-24892
Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) prior to 1.6.9 allows authenticated remote malicious user to change arbitrary user's email address and request for reset password, which could lead to take over of WordPress's administr...
Advanced Forms Project Advanced Forms
8.8
CVSSv3
CVE-2017-5943
Request Tracker (RT) 4.x prior to 4.0.25, 4.2.x prior to 4.2.14, and 4.4.x prior to 4.4.2 allows remote malicious users to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL.
Bestpractical Request Tracker 4.2.3
Bestpractical Request Tracker 4.2.6
Bestpractical Request Tracker 4.0.18
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.2.12
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.17
Bestpractical Request Tracker 4.0.21
Bestpractical Request Tracker 4.0.22
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.2.2
Bestpractical Request Tracker 4.0.15
Bestpractical Request Tracker 4.2.7
Bestpractical Request Tracker 4.2.0
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.10
Bestpractical Request Tracker 4.2.10
Bestpractical Request Tracker 4.0.9
Bestpractical Request Tracker 4.0.14
Bestpractical Request Tracker 4.0.4
8.8
CVSSv3
CVE-2017-5944
The dashboard subscription interface in Request Tracker (RT) 4.x prior to 4.0.25, 4.2.x prior to 4.2.14, and 4.4.x prior to 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.
Bestpractical Request Tracker 4.2.3
Bestpractical Request Tracker 4.2.6
Bestpractical Request Tracker 4.0.18
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.2.12
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.17
Bestpractical Request Tracker 4.0.21
Bestpractical Request Tracker 4.0.22
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.2.2
Bestpractical Request Tracker 4.0.15
Bestpractical Request Tracker 4.2.7
Bestpractical Request Tracker 4.2.0
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.10
Bestpractical Request Tracker 4.2.10
Bestpractical Request Tracker 4.0.9
Bestpractical Request Tracker 4.0.14
Bestpractical Request Tracker 4.0.4
8.1
CVSSv3
CVE-2022-2326
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible to gain access to a private project through an email invite by using other use...
Gitlab Gitlab
Gitlab Gitlab 15.2
8.1
CVSSv3
CVE-2018-1000025
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an act...
Firebase Admin Sdk For Php Project Firebase Admin Sdk For Php
7.8
CVSSv3
CVE-2014-7844
BSD mailx 8.1.2 and previous versions allows remote malicious users to execute arbitrary commands via a crafted email address.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
7.7
CVSSv3
CVE-2020-26254
omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of O...
Omniauth-apple Project Omniauth-apple
7.5
CVSSv3
CVE-2022-3786
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue ce...
Openssl Openssl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Nodejs Node.js 19.0.0
Nodejs Node.js 18.12.0
Nodejs Node.js
24 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue...
Openssl Openssl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Clustered Data Ontap -
Fedoraproject Fedora 26
Fedoraproject Fedora 27
Nodejs Node.js 19.0.0
Nodejs Node.js 18.12.0
Nodejs Node.js
30 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »