Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pietro oliva vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-17360
An issue exists in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypa...
Readytalk Avian 1.2.0
4.3
CVSSv2
CVE-2020-17361
An issue exists in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This could result in data being lost during the copy, with varying consequences depending on th...
Readytalk Avian 1.2.0
4
CVSSv2
CVE-2014-1889
The Group creation process in the Buddypress plugin prior to 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.
Buddypress Buddypress
1 EDB exploit
9
CVSSv2
CVE-2020-12109
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304.
Tp-link Nc200 Firmware 2.1.6
Tp-link Nc200 Firmware 2.1.9
Tp-link Nc210 Firmware 1.0.3
Tp-link Nc210 Firmware 1.0.4
Tp-link Nc210 Firmware 1.0.9
Tp-link Nc220 Firmware 1.2.0
Tp-link Nc220 Firmware 1.3.0
Tp-link Nc230 Firmware 1.0.3
Tp-link Nc230 Firmware 1.2.1
Tp-link Nc230 Firmware 1.3.0
Tp-link Nc250 Firmware 1.0.8
Tp-link Nc250 Firmware 1.0.10
Tp-link Nc250 Firmware 1.2.1
Tp-link Nc250 Firmware 1.3.0
Tp-link Nc260 Firmware 1.0.5
Tp-link Nc260 Firmware 1.0.6
Tp-link Nc260 Firmware 1.4.1
Tp-link Nc260 Firmware 1.5.0
Tp-link Nc260 Firmware 1.5.2
Tp-link Nc450 Firmware 1.0.15
Tp-link Nc450 Firmware 1.1.2
Tp-link Nc450 Firmware 1.3.4
5
CVSSv2
CVE-2014-8749
Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote malicious users to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.
Ait-pro Bulletproof Security
7.5
CVSSv2
CVE-2020-25022
An issue exists in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd() allows out-of-bounds access.
Noise-java Project Noise-java
4.3
CVSSv2
CVE-2014-7956
Cross-site scripting (XSS) vulnerability in the Pods plugin prior to 2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter in an edit action in the pods page to wp-admin/admin.php.
Podsfoundation Pods
6.8
CVSSv2
CVE-2014-7957
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin prior to 2.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks via the toggled parameter in a tog...
Pods Foundation Pods
4.3
CVSSv2
CVE-2014-7958
Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the dbhost parameter.
Ait-pro Bulletproof Security .50.4
Ait-pro Bulletproof Security .50.3
Ait-pro Bulletproof Security .44.1
Ait-pro Bulletproof Security .44
Ait-pro Bulletproof Security .49.3
Ait-pro Bulletproof Security .49.2
Ait-pro Bulletproof Security .48.5
Ait-pro Bulletproof Security .48.4
Ait-pro Bulletproof Security .47.7
Ait-pro Bulletproof Security .47.6
Ait-pro Bulletproof Security .47.5
Ait-pro Bulletproof Security .46.8
Ait-pro Bulletproof Security .46.7
Ait-pro Bulletproof Security .46
Ait-pro Bulletproof Security .45.9
Ait-pro Bulletproof Security .50.6
Ait-pro Bulletproof Security .50.5
Ait-pro Bulletproof Security .45.1
Ait-pro Bulletproof Security .45
Ait-pro Bulletproof Security .49.5
Ait-pro Bulletproof Security .49.4
Ait-pro Bulletproof Security .48.7
6.5
CVSSv2
CVE-2014-7959
SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.
Ait-pro Bulletproof Security .45.4
Ait-pro Bulletproof Security .45.5
Ait-pro Bulletproof Security .45.6
Ait-pro Bulletproof Security .46.3
Ait-pro Bulletproof Security .46.4
Ait-pro Bulletproof Security .47.1
Ait-pro Bulletproof Security .47.2
Ait-pro Bulletproof Security .48
Ait-pro Bulletproof Security .48.1
Ait-pro Bulletproof Security .48.8
Ait-pro Bulletproof Security .48.9
Ait-pro Bulletproof Security .49.6
Ait-pro Bulletproof Security .49.7
Ait-pro Bulletproof Security .45.2
Ait-pro Bulletproof Security .45.3
Ait-pro Bulletproof Security .50.7
Ait-pro Bulletproof Security .50.8
Ait-pro Bulletproof Security .45.9
Ait-pro Bulletproof Security .46
Ait-pro Bulletproof Security .46.7
Ait-pro Bulletproof Security .46.8
Ait-pro Bulletproof Security .47.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »