Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
erlang vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-24379
WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.
Yaws Yaws
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
NA
CVE-2011-1753
expat_erl.c in ejabberd prior to 2.1.7 and 3.x prior to 3.0.0-alpha-3, and exmpp prior to 0.9.7, does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document co...
Process-one Ejabberd 2.0.5
Process-one Ejabberd 2.0.4
Process-one Ejabberd 1.1.1.1
Process-one Ejabberd 1.1.0
Process-one Ejabberd 1.1.1
Process-one Ejabberd 1.1.14
Process-one Ejabberd 2.1.2
Process-one Ejabberd 2.1.1
Process-one Ejabberd 2.0.3
Process-one Ejabberd 0.9.1
Process-one Ejabberd 1.1.1.0
Process-one Ejabberd 2.0.0
Process-one Ejabberd 3.0.0
Process-one Ejabberd 2.1.0
Process-one Ejabberd 1.0.0
Process-one Ejabberd 0.9
Process-one Ejabberd 1.1.3
Process-one Ejabberd 2.1.5
Process-one Ejabberd
Process-one Ejabberd 1.1.2
Process-one Ejabberd 0.9.8
Process-one Ejabberd 2.0.2
9.8
CVSSv3
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
7.2
CVSSv3
CVE-2018-8007
Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operati...
Apache Couchdb
9.8
CVSSv3
CVE-2002-0059
The decompression algorithm in zlib 1.1.3 and previous versions, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote malicious users to execute arbitrary code vi...
Zlib Zlib
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4