Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiny vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-1000880
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run ...
Libarchive Libarchive
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 15.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
NA
CVE-2022-4023
The 3DPrint WordPress plugin prior to 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an malicious user to craft a malicious request that will create an archive of any files or directories on the target...
3dprint Project 3dprint
2.1
CVSSv2
CVE-2005-3124
syslogtocern in Acme thttpd prior to 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.
Acme Labs Thttpd 2.21b
Acme Labs Thttpd 2.23b1
6.8
CVSSv2
CVE-2021-35535
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the...
Hitachienergy Relion 670 Firmware
Hitachienergy Relion 670 Firmware 2.2.0
Hitachienergy Relion 670 Firmware 2.2.1
Hitachienergy Relion 670 Firmware 2.2.2
Hitachienergy Relion 670 Firmware 2.2.4
Hitachienergy Relion 650 Firmware 2.2.0
Hitachienergy Relion 650 Firmware 2.2.1
Hitachienergy Relion 650 Firmware 2.2.4
Hitachienergy Relion Sam600-io Firmware 2.2.1
5
CVSSv2
CVE-2022-24884
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge ...
Ecdsautils Project Ecdsautils
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-34776
Tabit - giftcard stealth. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described APIs, has in its URL one or more MongoD...
Tabit Tabit
NA
CVE-2024-32966
Static Web Server (SWS) is a tiny and fast production-ready web server suitable to serve static web files or assets. In affected versions if directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like `<img src=x ...
2.1
CVSSv2
CVE-2019-6156
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in vari...
Lenovo 510-15ikl Firmware -
Lenovo 510s-08ikl Firmware -
Lenovo Ideacentre 300-20ish Firmware -
Lenovo Ideacentre 300s-11ish Firmware -
Lenovo Ideacentre 510-15icb Firmware
Lenovo Ideacentre 510a-15icb Firmware
Lenovo Ideacentre 510s-08ish Firmware -
Lenovo Ideacentre 620s-03ikl Firmware -
Lenovo Ideacentre 700 Firmware
Lenovo Ideacentre 720-18icb Firmware
Lenovo Legion C530-19icb Firmware
Lenovo Legion C730-19ico Firmware
Lenovo Legion T530-28icb Firmware
Lenovo Legion T730-28ico Firmware
Lenovo Legion Y520t Z370 Firmware -
Lenovo Legion Y720 Tower Firmware -
Lenovo Legion Y920 Tower Firmware -
Lenovo Lenovo 63 Firmware -
Lenovo H50-30g Desktop Firmware -
Lenovo M4500 Firmware -
Lenovo M4500 Id Firmware -
Lenovo M4550 Id Firmware -
NA
CVE-2023-1667
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
Libssh Libssh
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5
CVSSv2
CVE-2014-8132
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x prior to 0.6.4 allows remote malicious users to cause a denial of service via a crafted kexinit packet.
Libssh Libssh 0.6.0
Libssh Libssh 0.6.1
Libssh Libssh 0.5.4
Libssh Libssh 0.5.5
Libssh Libssh 0.5.0
Libssh Libssh 0.6.2
Libssh Libssh 0.6.3
Libssh Libssh 0.5.2
Libssh Libssh 0.5.3
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.2
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »