Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc...
Shadow Project Shadow 4.13
4.3
CVSSv2
CVE-2013-2294
Multiple cross-site scripting (XSS) vulnerabilities in ViewGit prior to 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php...
Viewgit Project Viewgit
1 EDB exploit
5
CVSSv2
CVE-2022-24884
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge ...
Ecdsautils Project Ecdsautils
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
10
CVSSv2
CVE-2013-4730
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote malicious users to execute arbitrary code via a long string in a USER command.
Pcman\\'s Ftp Server Project Pcman\\'s Ftp Server 2.0.7
11 EDB exploits
2 Github repositories
4.6
CVSSv2
CVE-2021-33137
Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Kernelflinger
NA
CVE-2021-22289
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network malicious user to execute code.
Br-automation Studio
NA
CVE-2023-0457
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated malicious user to disclose plaintext credentials stored in project files and login into FTP...
Mitsubishielectric Fx5uc-32mr\\/ds-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/d Firmware
Mitsubishielectric Fx5uc-32mt\\/dss Firmware
Mitsubishielectric Fx5uc-32mt\\/dss-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/ds-ts Firmware
Mitsubishielectric Fx5uc-64mt\\/d Firmware
Mitsubishielectric Fx5uc-64mt\\/dss Firmware
Mitsubishielectric Fx5uc-96mt\\/d Firmware
Mitsubishielectric Fx5uc-96mt\\/dss Firmware
Mitsubishielectric Fx5uj-24mr\\/es Firmware
Mitsubishielectric Fx5uj-24mr\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/es Firmware
Mitsubishielectric Fx5uj-24mt\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/ess Firmware
Mitsubishielectric Fx5uj-40mr\\/es Firmware
Mitsubishielectric Fx5uj-40mr\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/es Firmware
Mitsubishielectric Fx5uj-40mt\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/ess Firmware
Mitsubishielectric Fx5uj-60mr\\/es Firmware
Mitsubishielectric Fx5uj-60mr\\/es-a Firmware
Mitsubishielectric Fx5uj-60mt\\/es Firmware
2.1
CVSSv2
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
NA
CVE-2022-41954
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r...
Mpxj Mpxj
6.8
CVSSv2
CVE-2020-1234
An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Elevation of Privilege Vulnerabil...
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Microsoft Windows Server 2019 -
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »