Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
igor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31086
Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions.
Ibenic Simple Giveaways
NA
CVE-2023-45011
Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions.
Websivu Wp Power Stats
NA
CVE-2022-44641
In Linaro Automated Validation Architecture (LAVA) prior to 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.
Linaro Lava
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-42902
In Linaro Automated Validation Architecture (LAVA) prior to 2022.10, there is dynamic code execution in lava_server/lavatable.py. Due to improper input sanitization, an anonymous user can force the lava-server-gunicorn service to execute user-provided code on the server.
Linaro Lava
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2020-6505
Use after free in speech in Google Chrome before 83.0.4103.106 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
4.3
CVSSv2
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android before 83.0.4103.106 allowed a remote malicious user to bypass site isolation via a crafted HTML page.
Google Chrome
4 Github repositories
6.8
CVSSv2
CVE-2020-6507
Out of bounds write in V8 in Google Chrome before 83.0.4103.106 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
2 Github repositories
6.8
CVSSv2
CVE-2020-6509
Use after free in extensions in Google Chrome before 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Google Chrome
6.8
CVSSv2
CVE-2020-6493
Use after free in WebAuthentication in Google Chrome before 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
4.3
CVSSv2
CVE-2020-6494
Incorrect security UI in payments in Google Chrome on Android before 83.0.4103.97 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »