Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
search api vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-4477
Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox prior to 40.0 allows remote malicious users to execute arbitrary code via unspecified use of the Web Audio API.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
10
CVSSv2
CVE-2007-4916
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo &...
Hp Photo And Imaging Gallery 1.1
Hp All-in-on Printer
2 EDB exploits
9.3
CVSSv2
CVE-2015-4516
Mozilla Firefox prior to 41.0 allows remote malicious users to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 ...
Mozilla Firefox
9.3
CVSSv2
CVE-2010-3145
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by ...
Microsoft Windows Vista
1 EDB exploit
8.3
CVSSv2
CVE-2021-20190
A flaw was found in jackson-databind prior to 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Fasterxml Jackson-databind
Netapp Oncommand Insight -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager -
Apache Nifi
Debian Debian Linux 9.0
Oracle Commerce Guided Search And Experience Manager 11.3.2
7.5
CVSSv2
CVE-2019-1010179
PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: funct...
Phkp Project Phkp -
7.5
CVSSv2
CVE-2018-1000885
PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains a Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in function pgp_exec() phkp.php:98 that can result in It is possible to manipulate gpg-key...
Phkp Project Phkp
7.5
CVSSv2
CVE-2015-1427
The Groovy scripting engine in Elasticsearch prior to 1.3.8 and 1.4.x prior to 1.4.3 allows remote malicious users to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script.
Elasticsearch Elasticsearch
Elasticsearch Elasticsearch 1.4.0
Elasticsearch Elasticsearch 1.4.1
Elasticsearch Elasticsearch 1.4.2
2 EDB exploits
2 Nmap scripts
17 Github repositories
2 Articles
7.5
CVSSv2
CVE-2014-8682
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 up to and including 0.5.x prior to 0.5.6.1105 Beta allow remote malicious users to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/re...
Gogits Gogs
Gogits Gogs 0.4.1
Gogits Gogs 0.5.0
Gogits Gogs 0.3.1-9
Gogits Gogs 0.5.2
Gogits Gogs 0.4.2
1 EDB exploit
7.2
CVSSv2
CVE-2020-10610
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, ...
Osisoft Pi Buffer Subsystem
Osisoft Pi Api
Osisoft Pi Connector
Osisoft Pi Connector Relay
Osisoft Pi Interface Configuration Utility
Osisoft Pi Integrator
Osisoft Pi Data Collection Manager
Osisoft Pi Data Archive
Osisoft Pi To Ocs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »