Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
p1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-8135
A remote code execution vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. Dependency injection through Symphony framework allows service identifiers to be derived from user controlled data, which can lead to remote code execution.
Magento Magento
Magento Magento 2.3.2
9.8
CVSSv3
CVE-2019-8149
Insecure authentication and session management vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id that will not be invalidated by subsequent authentication.
Magento Magento
Magento Magento 2.3.2
9.8
CVSSv3
CVE-2019-8136
An insecure component vulnerability exists in Magento 2.2 before 2.2.10, Magento 2.3 before 2.3.3 or 2.3.2-p1. Magento 2 codebase leveraged outdated versions of HTTP specification abstraction implemented in symphony component.
Magento Magento
Magento Magento 2.3.2
9.8
CVSSv3
CVE-2019-8144
A remote code execution vulnerability exists in Magento 2.3 before 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods.
Magento Magento
Magento Magento 2.3.2
9.8
CVSSv3
CVE-2019-5600
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE prior to 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 prior to 11.3-RC3-p1, and 11.2-RELEASE prior to 11.2-RELEASE-p11, a bug in iconv implementation may allow an malicious user to write past the end of an output bu...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd 11.3
9.8
CVSSv3
CVE-2018-17161
In FreeBSD prior to 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious malicious user to craft a bootp packet which could cause a stack buffer overflow. ...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
9.6
CVSSv3
CVE-2020-9691
Magento versions 2.3.5-p1 and previous versions, and 2.3.5-p1 and previous versions have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
Magento Magento
Magento Magento 2.3.5
9.6
CVSSv3
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE prior to 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE prior to 11.3-RELEASE-p1, and 11.2-RELEASE prior to 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data ...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd 11.0
Freebsd Freebsd 11.3
9.3
CVSSv3
CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.
Eventsource Eventsource
Debian Debian Linux 10.0
9.1
CVSSv3
CVE-2022-36437
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated malicious user to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are up to and including 4.0.6, 4.1.9, 4...
Hazelcast Hazelcast-jet
Hazelcast Hazelcast
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »