Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-3520
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this...
Lz4 Project Lz4
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2020-11651
An issue exists in SaltStack Salt prior to 2019.2.4 and 3000 prior to 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user toke...
Saltstack Salt
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Vmware Application Remote Collector 8.0.0
Vmware Application Remote Collector 7.5.0
17 Github repositories
4 Articles
9.8
CVSSv3
CVE-2018-7600
Drupal prior to 7.58, 8.x prior to 8.3.9, 8.4.x prior to 8.4.6, and 8.5.x prior to 8.5.1 allows remote malicious users to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Drupal Drupal
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
3 EDB exploits
64 Github repositories
2 Articles
8.8
CVSSv3
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.
Mini Tmall Project Mini Tmall 1.0
8.8
CVSSv3
CVE-2018-6122
Type confusion in WebAssembly in Google Chrome before 66.0.3359.139 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2015-8751
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent malicious users to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
Jasper Project Jasper
8.8
CVSSv3
CVE-2018-6118
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome before 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6121
Insufficient validation of input in Blink in Google Chrome before 66.0.3359.170 allowed a remote malicious user to perform privilege escalation via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6149
Type confusion in JavaScript in Google Chrome before 67.0.3396.87 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page.
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »