Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tenable vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-7584
In PHP up to and including 5.6.33, 7.0.x prior to 7.0.28, 7.1.x up to and including 7.1.14, and 7.2.x up to and including 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper....
Php Php
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
7.5
CVSSv2
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
7.5
CVSSv2
CVE-2015-8387
PCRE prior to 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote malicious users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...
Pcre Perl Compatible Regular Expression Library
Fedoraproject Fedora 22
Php Php
7.5
CVSSv2
CVE-2015-8389
PCRE prior to 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote malicious users to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...
Pcre Perl Compatible Regular Expression Library
Fedoraproject Fedora 22
Php Php
7.5
CVSSv2
CVE-2015-8394
PCRE prior to 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote malicious users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...
Pcre Perl Compatible Regular Expression Library
Php Php
7.5
CVSSv2
CVE-2015-8390
PCRE prior to 8.38 mishandles the [: and \\ substrings in character classes, which allows remote malicious users to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript Re...
Pcre Perl Compatible Regular Expression Library
Fedoraproject Fedora 22
Php Php
7.5
CVSSv2
CVE-2015-7036
The fts3_tokenizer function in SQLite, as used in Apple iOS prior to 8.4 and OS X prior to 10.10.4, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in...
Apple Mac Os X
Apple Iphone Os
1 Article
7.5
CVSSv2
CVE-2014-0107
The TransformerFactory in Apache Xalan-Java prior to 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote malicious users to bypass expected restrictions and load arbitrary classes or access external resource...
Apache Xalan-java 2.6.0
Apache Xalan-java
Apache Xalan-java 2.0.1
Apache Xalan-java 2.0.0
Apache Xalan-java 2.5.1
Apache Xalan-java 2.5.0
Apache Xalan-java 2.4.1
Apache Xalan-java 2.1.0
Apache Xalan-java 2.7.0
Apache Xalan-java 2.5.2
Apache Xalan-java 2.2.0
Apache Xalan-java 2.4.0
Apache Xalan-java 1.0.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 7.6.2
7.5
CVSSv2
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute a...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
7.5
CVSSv2
CVE-2013-2156
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitr...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »