Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
igor vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-31086
Cross-Site Request Forgery (CSRF) vulnerability in Igor Benic Simple Giveaways – Grow your business, email lists and traffic with contests plugin <= 2.46.0 versions.
Ibenic Simple Giveaways
8.8
CVSSv3
CVE-2023-45011
Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions.
Websivu Wp Power Stats
6.5
CVSSv3
CVE-2022-44641
In Linaro Automated Validation Architecture (LAVA) prior to 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.
Linaro Lava
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2022-42902
In Linaro Automated Validation Architecture (LAVA) prior to 2022.10, there is dynamic code execution in lava_server/lavatable.py. Due to improper input sanitization, an anonymous user can force the lava-server-gunicorn service to execute user-provided code on the server.
Linaro Lava
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.6
CVSSv3
CVE-2020-6505
Use after free in speech in Google Chrome before 83.0.4103.106 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android before 83.0.4103.106 allowed a remote malicious user to bypass site isolation via a crafted HTML page.
Google Chrome
4 Github repositories
9.6
CVSSv3
CVE-2020-6509
Use after free in extensions in Google Chrome before 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Google Chrome
8.8
CVSSv3
CVE-2020-6507
Out of bounds write in V8 in Google Chrome before 83.0.4103.106 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
2 Github repositories
8.8
CVSSv3
CVE-2020-6496
Use after free in payments in Google Chrome on MacOS before 83.0.4103.97 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2020-6497
Insufficient policy enforcement in Omnibox in Google Chrome on iOS before 83.0.4103.88 allowed a remote malicious user to perform domain spoofing via a crafted URI.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »