Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
steve kemp vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2009-2937
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
Intertwingly Planet 2.0
Intertwingly Planet Venus
1 EDB exploit
641
VMScore
CVE-2008-2378
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
Hf Hf 0.8
Hf Hf 0.7.3
561
VMScore
CVE-2008-0931
w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.
Xwine Xwine 1.0.1
641
VMScore
CVE-2008-0930
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
Freshmeat Xwine 1.0.1
294
VMScore
CVE-2007-3921
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.
Gforge Gforge 3.1
Gforge Gforge 4.5.14
725
VMScore
CVE-2007-2839
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
Debian Gfax
1 EDB exploit
320
VMScore
CVE-2007-2837
The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.
Fireflier Fireflier 1.1.6
605
VMScore
CVE-2007-2835
Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.
Unicon-imc2 Unicon-imc2 3.0.4
641
VMScore
CVE-2007-2838
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
Gsambad Gsambad 0.1.4
409
VMScore
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges.
Jochen Friedrich Pinball 0.3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »