Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liquidworm vulnerabilities and exploits
(subscribe to this query)
945
VMScore
CVE-2010-1296
Multiple buffer overflows in Adobe Photoshop CS4 prior to 11.0.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.
Adobe Photoshop Cs4
Adobe Photoshop Cs4 11.0
3 EDB exploits
450
VMScore
CVE-2011-1062
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (...
Taskfreak Taskfreak\\! 0.6.4
4 EDB exploits
935
VMScore
CVE-2010-1280
Adobe Shockwave Player prior to 11.5.7.609 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.
Adobe Shockwave Player
1 EDB exploit
440
VMScore
CVE-2012-1049
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote malicious users to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.
Manageengine Admanager Plus 5.2
2 EDB exploits
700
VMScore
CVE-2010-5240
Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cp...
Corel Coreldraw X5 15.1.0.588
Corel Photo-paint X3 13.0.0.576
2 EDB exploits
935
VMScore
CVE-2009-0349
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote malicious users to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file.
Ftpshell Ftpshell Server 4.3
1 EDB exploit
435
VMScore
CVE-2013-5123
The mirroring support (-M, --use-mirrors) in Python Pip prior to 1.5 uses insecure DNS querying and authenticity checks which allows malicious users to perform man-in-the-middle attacks.
Pypa Pip
Virtualenv Virtualenv 12.0.7
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Redhat Openshift 1.0
Redhat Openshift 2.0
Redhat Software Collections -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 EDB exploit
685
VMScore
CVE-2014-9101
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly ...
Skalfa Skadate Lite 2.0
Oxwall Oxwall 1.7.0
1 EDB exploit
685
VMScore
CVE-2014-9344
Cross-site request forgery (CSRF) vulnerability in Snowfox CMS prior to 1.0.10 allows remote malicious users to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/.
Globiz Solutions Snowfox Content Management System
1 EDB exploit
505
VMScore
CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote malicious users to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
Tp-link Tl-wr740n Firmware 3.16.6
Tp-link Tl-wr740n Firmware 3.16.4
Tp-link Tl-wr740n Firmware 3.17.0
Tp-link Tl-wr740n 4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »