Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
orca vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-35967
The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can access the system directory thru Path Traversal without logging in.
Learningdigital Orca Hcm
NA
CVE-2005-3815
SQL injection vulnerability in forum.php in Orca Forum 4.3b and previous versions allows remote malicious users to execute arbitrary SQL commands via the msg parameter.
Greywyvern Orca Forum
1 EDB exploit
NA
CVE-2005-3941
SQL injection vulnerability in blog.php in Orca Blog 1.3b and previous versions allows remote malicious users to execute arbitrary SQL commands via the msg parameter.
Greywyvern Orca Blog
1 EDB exploit
NA
CVE-2009-3017
Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh and Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequence...
Orcabrowser Orca Browser 1.2
7.3
CVSSv3
CVE-2013-4245
Orca has arbitrary code execution due to insecure Python module load
Gnome Orca -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-0644
Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4.9+p41-u4jma1 and previous versions, Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u4jma1 and previous versions, and Ubuntu16.04 ORCA (Onlin...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
6.6
CVSSv3
CVE-2018-0643
Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and previous versions allows attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
Canonical Ubuntu Linux 14.04
Orcamo Online Receipt Computer Advantage 4.8.0
8.8
CVSSv3
CVE-2020-9301
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an malicious user to read and write arbitrary files wit...
Linuxfoundation Spinnaker
7.8
CVSSv3
CVE-2022-46289
Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerabili...
Openbabel Open Babel 3.1.1
7.8
CVSSv3
CVE-2022-46290
Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerabili...
Openbabel Open Babel 3.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »