Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
steve kemp vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-2937
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
Intertwingly Planet 2.0
Intertwingly Planet Venus
1 EDB exploit
7.2
CVSSv2
CVE-2008-2378
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
Hf Hf 0.8
Hf Hf 0.7.3
7.2
CVSSv2
CVE-2008-0930
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
Freshmeat Xwine 1.0.1
6.3
CVSSv2
CVE-2008-0931
w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.
Xwine Xwine 1.0.1
3.3
CVSSv2
CVE-2007-3921
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.
Gforge Gforge 3.1
Gforge Gforge 4.5.14
7.2
CVSSv2
CVE-2007-2839
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
Debian Gfax
1 EDB exploit
3.6
CVSSv2
CVE-2007-2837
The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.
Fireflier Fireflier 1.1.6
7.2
CVSSv2
CVE-2007-2838
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
Gsambad Gsambad 0.1.4
6.8
CVSSv2
CVE-2007-2835
Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.
Unicon-imc2 Unicon-imc2 3.0.4
4.6
CVSSv2
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges.
Jochen Friedrich Pinball 0.3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »