Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
multi server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0179
Buffer overflow in xpilot-server for XPilot 4.5.0 and previous versions allows remote malicious users to execute arbitrary code.
Xpilot Xpilot
7.5
CVSSv3
CVE-2021-37601
muc.lib.lua in Prosody 0.11.0 up to and including 0.11.9 allows remote malicious users to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
Prosody Prosody
NA
CVE-2004-1051
sudo prior to 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5
Mandrakesoft Mandrake Multi Network Firewall 8.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
NA
CVE-2005-0472
Gaim prior to 1.1.3 allows remote malicious users to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
Rob Flynn Gaim 1.1.1
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.0.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
4.7
CVSSv3
CVE-2023-5380
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root...
X.org Xwayland
X.org X Server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.4
CVSSv3
CVE-2021-44531
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, whic...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Cluster
5.3
CVSSv3
CVE-2021-44532
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerabilit...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Workbench
Oracle Mysql Cluster
Debian Debian Linux 11.0
NA
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
NA
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...
Freebsd Freebsd
Illumos Illumos
Joyent Smartos
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.1
Xen Xen
Xen Xen 4.0.0
Xen Xen 4.0.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows Xp
Citrix Xenserver 6.0
Citrix Xenserver
Netbsd Netbsd
Sun Sunos
3 EDB exploits
3 Github repositories
1 Article
8.2
CVSSv3
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could b...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Server
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Cluster
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »