Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
longer vulnerabilities and exploits
(subscribe to this query)
329
VMScore
CVE-2009-4411
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink att...
Xfs Acl 2.2.47
445
VMScore
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
187
VMScore
CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions prior to 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it ca...
Redhat Enterprise Linux 7.0
Opensuse Leap 15.1
445
VMScore
CVE-2009-2470
Mozilla Firefox prior to 3.0.12, and 3.5.x prior to 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
Mozilla Firefox 0.8
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 3.0.5
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 2.0 .5
Mozilla Firefox 2.0.0.14
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.3
Mozilla Firefox 2.0.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0 .7
Mozilla Firefox 2.0 .9
Mozilla Firefox 1.4.1
Mozilla Firefox 2.0.0.15
Mozilla Firefox 0.5
Mozilla Firefox 0.6
Mozilla Firefox 1.5.0.11
Mozilla Firefox 2.0.0.7
Mozilla Firefox 1.5.0.8
641
VMScore
CVE-2019-1162
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elev...
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2012 R2
Microsoft Windows 7 -
Microsoft Windows 10 1903
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows 8.1 -
Microsoft Windows 10 1809
2 Articles
445
VMScore
CVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote malicious user to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being drop...
Cisco Nx-os 13.2\\(3n\\)
Cisco Nx-os 14.2\\(4i\\)
668
VMScore
CVE-2002-0149
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long file names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
668
VMScore
CVE-2002-0150
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
668
VMScore
CVE-2002-0071
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows malicious users to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
445
VMScore
CVE-2002-0072
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote malicious users to cause a denial of service (crash) when t...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »