Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evergreen vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-5125
Adobe Flash Player prior to 18.0.0.232 on Windows and OS X and prior to 11.2.202.508 on Linux, Adobe AIR prior to 18.0.0.199, Adobe AIR SDK prior to 18.0.0.199, and Adobe AIR SDK & Compiler prior to 18.0.0.199 allow malicious users to cause a denial of service (vector-length ...
Adobe Air Sdk
Adobe Air
Adobe Air Sdk \\& Compiler
Adobe Flash Player
Opensuse Evergreen 11.4
10
CVSSv2
CVE-2014-1553
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 32.0, Firefox ESR 31.x prior to 31.1, and Thunderbird 31.x prior to 31.1 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute ...
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Evergreen 11.4
Mozilla Thunderbird 31.0
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox Esr 31.0
Mozilla Firefox
10
CVSSv2
CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox prior to 32.0, Firefox ESR 31.x prior to 31.1, and Thunderbird 31.x prior to 31.1 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory co...
Opensuse Opensuse 13.1
Opensuse Evergreen 11.4
Opensuse Opensuse 12.3
Oracle Solaris 11.3
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox Esr 31.0
Mozilla Firefox
Mozilla Thunderbird 31.0
6.9
CVSSv2
CVE-2015-0833
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) t...
Opensuse Evergreen 11.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.28
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.12
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5.14
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.18
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.1
Mozilla Firefox 33.0
5
CVSSv2
CVE-2015-2204
Evergreen prior to 2.5.9, 2.6.x prior to 2.6.7, and 2.7.x prior to 2.7.4 allows remote malicious users to bypass an intended access restriction and obtain sensitive information about org unit settings by leveraging failure of open-ils.actor.ou_setting.ancestor_default to enforce ...
Evergreen-ils Evergreen
5
CVSSv2
CVE-2014-9323
The xdr_status_vector function in Firebird prior to 2.1.7 and 2.5.x prior to 2.5.3 SU1 allows remote malicious users to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
Firebirdsql Firebird
Opensuse Evergreen 11.4
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2014-1626
XML External Entity (XXE) vulnerability in MARC::File::XML module prior to 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent malicious users to read arbitrary files via a crafted XML file.
Galen Charlton Marc-xml
Galen Charlton Marc-xml 1.0
4.3
CVSSv2
CVE-2014-1564
Mozilla Firefox prior to 32.0, Firefox ESR 31.x prior to 31.1, and Thunderbird 31.x prior to 31.1 do not properly initialize memory for GIF rendering, which allows remote malicious users to obtain sensitive information from process memory via crafted web script that interacts wit...
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Evergreen 11.4
Mozilla Thunderbird 31.0
Mozilla Firefox
Mozilla Firefox 31.0
Mozilla Firefox Esr 31.0
Mozilla Firefox 30.0
1 EDB exploit
4
CVSSv2
CVE-2015-2203
Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL.
Evergreen-ils Evergreen 2.7.4
Evergreen-ils Evergreen 2.6.7
Evergreen-ils Evergreen 2.5.9
4
CVSSv2
CVE-2013-7435
The open-ils.pcrud endpoint in Evergreen prior to 2.5.9, 2.6.x prior to 2.6.7, and 2.7.x prior to 2.7.4 allows remote malicious users to obtain sensitive settings history information by leveraging lack of user permission for retrieval in fm_IDL.xml.
Evergreen-ils Evergreen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »