Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r project vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-28527
dhcms v20170919 exists to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
Dhcms Project Dhcms 2017-09-19
7.5
CVSSv3
CVE-2021-32839
sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\...
Sqlparse Project Sqlparse
1 Github repository
9.8
CVSSv3
CVE-2020-12627
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.
Calibre-web Project Calibre-web 0.6.6
5.5
CVSSv3
CVE-2022-29523
Improper conditions check in the Open CAS software maintained by Intel(R) before version 22.3.1 may allow an authenticated user to potentially enable denial of service via local access.
Open Cas Project Open Cas
3.3
CVSSv3
CVE-2022-31071
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This me...
Octopoller Project Octopoller 0.2.0
7.5
CVSSv3
CVE-2020-11709
cpp-httplib up to and including 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
Cpp-httplib Project Cpp-httplib
8.8
CVSSv3
CVE-2020-13895
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module prior to 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact...
P5-crypt-perl Project P5-crypt-perl
1 Github repository
9.8
CVSSv3
CVE-2022-23812
This affects the package node-ipc from 10.1.1 and prior to 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious cod...
Node-ipc Project Node-ipc
3 Github repositories
6.1
CVSSv3
CVE-2014-125027
A vulnerability has been found in Yuna Scatari TBDev up to 2.1.17 and classified as problematic. Affected by this vulnerability is the function get_user_icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross ...
Tbdev Project Tbdev
5.4
CVSSv3
CVE-2020-36609
A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It...
Duxcms Project Duxcms 2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »