Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r project vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc...
Shadow Project Shadow 4.13
6.1
CVSSv3
CVE-2013-2294
Multiple cross-site scripting (XSS) vulnerabilities in ViewGit prior to 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php...
Viewgit Project Viewgit
1 EDB exploit
7.5
CVSSv3
CVE-2022-24884
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge ...
Ecdsautils Project Ecdsautils
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2013-4730
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote malicious users to execute arbitrary code via a long string in a USER command.
Pcman\\'s Ftp Server Project Pcman\\'s Ftp Server 2.0.7
11 EDB exploits
2 Github repositories
7.8
CVSSv3
CVE-2021-33137
Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Kernelflinger
9.8
CVSSv3
CVE-2021-22289
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network malicious user to execute code.
Br-automation Studio
7.5
CVSSv3
CVE-2023-0457
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated malicious user to disclose plaintext credentials stored in project files and login into FTP...
Mitsubishielectric Fx5uc-32mr\\/ds-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/d Firmware
Mitsubishielectric Fx5uc-32mt\\/dss Firmware
Mitsubishielectric Fx5uc-32mt\\/dss-ts Firmware
Mitsubishielectric Fx5uc-32mt\\/ds-ts Firmware
Mitsubishielectric Fx5uc-64mt\\/d Firmware
Mitsubishielectric Fx5uc-64mt\\/dss Firmware
Mitsubishielectric Fx5uc-96mt\\/d Firmware
Mitsubishielectric Fx5uc-96mt\\/dss Firmware
Mitsubishielectric Fx5uj-24mr\\/es Firmware
Mitsubishielectric Fx5uj-24mr\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/es Firmware
Mitsubishielectric Fx5uj-24mt\\/es-a Firmware
Mitsubishielectric Fx5uj-24mt\\/ess Firmware
Mitsubishielectric Fx5uj-40mr\\/es Firmware
Mitsubishielectric Fx5uj-40mr\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/es Firmware
Mitsubishielectric Fx5uj-40mt\\/es-a Firmware
Mitsubishielectric Fx5uj-40mt\\/ess Firmware
Mitsubishielectric Fx5uj-60mr\\/es Firmware
Mitsubishielectric Fx5uj-60mr\\/es-a Firmware
Mitsubishielectric Fx5uj-60mt\\/es Firmware
5.5
CVSSv3
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
3.3
CVSSv3
CVE-2022-41954
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r...
Mpxj Mpxj
5.3
CVSSv3
CVE-2020-14179
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated malicious users to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are befo...
Atlassian Jira Server
Atlassian Jira Data Center
5 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »