erlang vulnerabilities and exploits
VMScore: 801
CVE-2018-15728
Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. Authenticated users that have 'Full Admin' role assigned could send arbitrary Erlang code to the 'diag/eval' endpoint of the API and the co...
Couchbase Couchbase Server -
VMScore: 801
CVE-2018-8007
Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operati...
Apache Couchdb
VMScore: 1000
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
VMScore: 668
CVE-2016-10253
An issue exists in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions ...
Erlang Erlang/otp 19.3.6.8
Erlang Erlang/otp 19.3.6.6
Erlang Erlang/otp 19.3.6
Erlang Erlang/otp 19.1.6.1
Erlang Erlang/otp 19.3
Erlang Erlang/otp 19.2.2
Erlang Erlang/otp 19.1.2
Erlang Erlang/otp 19.1
Erlang Erlang/otp 19.0.1
Erlang Erlang/otp 18.0
Erlang Erlang/otp 18.0.3
Erlang Erlang/otp 18.1.1
Erlang Erlang/otp 18.2.2
Erlang Erlang/otp 18.2.4
Erlang Erlang/otp 18.3.4.1
Erlang Erlang/otp 18.3.4.3
Erlang Erlang/otp 19.0
Erlang Erlang/otp 19.3.4
Erlang Erlang/otp 19.3.3
Erlang Erlang/otp 19.3.2
Erlang Erlang/otp 19.3.1
Erlang Erlang/otp 19.0.6
VMScore: 383
CVE-2015-2774
Erlang/OTP prior to 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle malicious users to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Erlang Erlang/otp
Oracle Solaris 11.2
Opensuse Opensuse 13.2
VMScore: 187
CVE-2014-9568
puppetlabs-rabbitmq 3.0 up to and including 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.
Voxpupuli Rabbitmq 3.0.0
Voxpupuli Rabbitmq 3.1.0
Voxpupuli Rabbitmq 4.0.0
VMScore: 668
CVE-2014-1693
Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent malicious users to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) r...
Erlang Erlang/otp R15b03
VMScore: 694
CVE-2014-2829
Erlang Solutions MongooseIM up to and including 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack...
Erlang-solutions Mongooseim 1.3.0
Erlang-solutions Mongooseim 1.2.1
Erlang-solutions Mongooseim
Erlang-solutions Mongooseim 1.2.2
Erlang-solutions Mongooseim 1.3.1
VMScore: 440
CVE-2011-5025
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote malicious users to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsTo...
Yaws Yaws 1.88
2 EDB exploits
VMScore: 445
CVE-2011-1753
expat_erl.c in ejabberd prior to 2.1.7 and 3.x prior to 3.0.0-alpha-3, and exmpp prior to 0.9.7, does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document co...
Process-one Ejabberd 2.0.5
Process-one Ejabberd 2.0.4
Process-one Ejabberd 1.1.1.1
Process-one Ejabberd 1.1.0
Process-one Ejabberd 1.1.1
Process-one Ejabberd 1.1.14
Process-one Ejabberd 2.1.2
Process-one Ejabberd 2.1.1
Process-one Ejabberd 2.0.3
Process-one Ejabberd 0.9.1
Process-one Ejabberd 1.1.1.0
Process-one Ejabberd 2.0.0
Process-one Ejabberd 3.0.0
Process-one Ejabberd 2.1.0
Process-one Ejabberd 1.0.0
Process-one Ejabberd 0.9
Process-one Ejabberd 1.1.3
Process-one Ejabberd 2.1.5
Process-one Ejabberd
Process-one Ejabberd 1.1.2
Process-one Ejabberd 0.9.8
Process-one Ejabberd 2.0.2