Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hip vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2019-9745
CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is u...
Cloudcti Hip Integrator Recognition Configuration Tool -
1 Github repository
10
CVSSv2
CVE-2000-0343
Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote malicious users to execute arbitrary commands via a long MAIL FROM mail header.
Brecht Claerhout Sniffit 0.3.7beta
Brecht Claerhout Sniffit 0.3.6hip
3 EDB exploits
4.3
CVSSv2
CVE-2012-6272
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote malicious users to inject arbitrary web script or HTML via the topic parameter to html/index_main.htm in (1) help/sm/en/Output/wwhelp/wwhimpl/js/...
Dell Openmanage Server Administrator 7.0.0.1
Dell Openmanage Server Administrator 6.5.0.1
Dell Openmanage Server Administrator 7.1.0.1
1 EDB exploit
5
CVSSv2
CVE-2014-6426
The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x prior to 1.12.1 does not properly handle a NULL tree, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted packet.
Wireshark Wireshark 1.12.0
4.3
CVSSv2
CVE-2013-1464
Cross-site scripting (XSS) vulnerability in assets/player.swf in the Audio Player plugin prior to 2.0.4.6 for Wordpress allows remote malicious users to inject arbitrary web script or HTML via the playerID parameter.
Doryphores Audio Player
Doryphores Audio Player 2.0.1.0
Doryphores Audio Player 2.0.3.1
Doryphores Audio Player 2.0.4.0
Doryphores Audio Player 2.0.4.4
Doryphores Audio Player 2.0.4.3
Doryphores Audio Player 2.0.4.1
Doryphores Audio Player 2.0.3.0
Doryphores Audio Player 2.0.2.0
1 EDB exploit
4.3
CVSSv2
CVE-2013-2714
Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote malicious users to inject arbitrary web script or html via the 'playerID' parameter.
Podpress Project Podpress 8.8.10.13
1 EDB exploit
4.3
CVSSv2
CVE-2013-1636
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin prior to 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 up to and including 4.2.9 and 4.3.0 u...
Blair Williams Pretty Link Lite 1.6.0
Blair Williams Pretty Link Lite 1.6.1
Blair Williams Pretty Link Lite
Joobi Com Jnews 8.0.1
Civicrm Civicrm 4.3.1
Civicrm Civicrm 3.1.1
Civicrm Civicrm 3.1.2
Civicrm Civicrm 3.2.2
Civicrm Civicrm 3.2.3
Civicrm Civicrm 3.3.6
Civicrm Civicrm 3.4.0
Civicrm Civicrm 4.1.5
Civicrm Civicrm 4.1.6
Civicrm Civicrm 4.2.7
Civicrm Civicrm 4.2.8
Civicrm Civicrm 4.3.3
Civicrm Civicrm 3.1.0
Civicrm Civicrm 3.2.0
Civicrm Civicrm 3.2.1
Civicrm Civicrm 3.3.3
Civicrm Civicrm 3.3.5
Civicrm Civicrm 4.1.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started