Vulmon
r project vulnerabilities and exploits
9.8
CVSSv3
CVE-2021-22289
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated malicious user on the network to execute code.
Br-automation Studio
9.8
CVSSv3
CVE-2022-23812
This affects the package node-ipc from 10.1.1 and prior to 10.1.3. This package contains malicious code that targets users with an IP address located in Russia or Belarus and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious cod...
Node-ipc Project Node-ipc
3 Github repositories
9.8
CVSSv3
CVE-2020-27637
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interprete...
R-project Cran
9.8
CVSSv3
CVE-2020-12627
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.
Calibre-web Project Calibre-web 0.6.6
9.8
CVSSv3
CVE-2020-6969
It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow a malicious user to remotely access the C-More Touch Panels EA9 series (firmware versions before 6.53) and manipulate system configurations.
Automationdirect C-more Ea9-rhi Firmware
Automationdirect C-more Ea9-t6cl-r Firmware
Automationdirect C-more Ea9-t6cl Firmware
Automationdirect C-more Ea9-t7cl-r Firmware
Automationdirect C-more Ea9-t7cl Firmware
Automationdirect C-more Ea9-t8cl Firmware
Automationdirect C-more Ea9-t10cl Firmware
Automationdirect C-more Ea9-t10wcl Firmware
Automationdirect C-more Ea9-t12cl Firmware
Automationdirect C-more Ea9-t15cl-r Firmware
Automationdirect C-more Ea9-t15cl Firmware
8.8
CVSSv3
CVE-2020-13895
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module prior to 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact...
P5-crypt-perl Project P5-crypt-perl
1 Github repository
8.8
CVSSv3
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this ...
R Project R 3.3.0
R Project R 3.3.2
Debian Debian Linux 8.0
8.1
CVSSv3
CVE-2022-28527
dhcms v20170919 contains an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
Dhcms Project Dhcms 2017-09-19
8.1
CVSSv3
CVE-2020-36440
An issue exists in the libsbc crate prior to 0.1.5 for Rust. For Decoder<R>, it implements Send for any R: Read.
Libsbc Project Libsbc
7.8
CVSSv3
CVE-2023-40581
yt-dlp is a youtube-dl fork with additional features and fixes. yt-dlp allows the user to provide shell command lines to be executed at various stages in its download steps through the `--exec` flag. This flag allows output template expansion in its argument, so that metadata val...
Yt-dlp Project Yt-dlp