Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flag content vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2010-1568
The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook prior to 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote malicious users to obtain cleartext contents of e-mail messages that were intended to be enc...
Cisco Ironport Desktop Flag Plugin For Outlook 6.2.4.3
Cisco Ironport Desktop Flag Plugin For Outlook
445
VMScore
CVE-2013-4725
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmis...
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
445
VMScore
CVE-2013-4724
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive informatio...
Ddsn Cm3 Acora Content Management System 6.0.2\\/1a
Ddsn Cm3 Acora Content Management System 5.5.7\\/12b
Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6\\/1a
445
VMScore
CVE-2021-34697
A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorr...
Cisco Ios Xe
383
VMScore
CVE-2016-6422
Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote malicious users to bypass intended access restrictions by sending packets that should have been recog...
Cisco Ios 12.2\\(33\\)sxj9
685
VMScore
CVE-2019-6215
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Safari
Apple Icloud
Apple Itunes
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
383
VMScore
CVE-2009-5096
Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x prior to 5.x-2.10 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the Reason parameter.
Khalid Baheyeldin Flag Content 5.x-2.5
Khalid Baheyeldin Flag Content 5.x-2.6
Khalid Baheyeldin Flag Content 5.x-2.7
Khalid Baheyeldin Flag Content 5.x-2.8
Khalid Baheyeldin Flag Content 5.x-2.2
Khalid Baheyeldin Flag Content 5.x-2.4
Khalid Baheyeldin Flag Content 5.x-2.0
Khalid Baheyeldin Flag Content 5.x-2.1
Khalid Baheyeldin Flag Content 5.x-2.9
Khalid Baheyeldin Flag Content 5.x-2.x-dev
384
VMScore
CVE-2020-15653
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
725
VMScore
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Novell Filr
1 EDB exploit
NA
CVE-2023-44125
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had acc...
Google Android 12.0
Google Android 13.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »