tiny vulnerabilities and exploits
5.3
CVSSv3
CVE-2022-34774
Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover ...
Tabit Tabit
7.5
CVSSv3
CVE-2018-7164
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this to cause a denial o...
Nodejs Node.js
8.1
CVSSv3
CVE-2022-3899
The 3dprint WordPress plugin prior to 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing a malicious user to craft a malicious request that will delete any number of files or directories on the target ser...
3dprint Project 3dprint
NA
CVE-2006-1898
Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "Access to hash passwo...
Ralph Capper Tinyphpforum 3.6
NA
CVE-2006-0645
Tiny ASN.1 Library (libtasn1) prior to 0.2.18, as used by (1) GnuTLS 1.2.x prior to 1.2.10 and 1.3.x prior to 1.3.4, and (2) GNU Shishi, allows malicious users to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid inpu...
Free Software Foundation Inc. Libtasn1 0.2.0
Free Software Foundation Inc. Libtasn1 0.2.1
Free Software Foundation Inc. Libtasn1 0.2.17
Free Software Foundation Inc. Libtasn1 0.2.2
Free Software Foundation Inc. Libtasn1 0.2.9
Free Software Foundation Inc. Libtasn1 0.1.1
Free Software Foundation Inc. Libtasn1 0.1.2
Free Software Foundation Inc. Libtasn1 0.2.14
Free Software Foundation Inc. Libtasn1 0.2.15
Free Software Foundation Inc. Libtasn1 0.2.16
Free Software Foundation Inc. Libtasn1 0.2.7
Free Software Foundation Inc. Libtasn1 0.2.8
Free Software Foundation Inc. Libtasn1 0.2.10
Free Software Foundation Inc. Libtasn1 0.2.11
Free Software Foundation Inc. Libtasn1 0.2.3
Free Software Foundation Inc. Libtasn1 0.2.4
Free Software Foundation Inc. Libtasn1 0.1.0
Free Software Foundation Inc. Libtasn1 0.2.12
Free Software Foundation Inc. Libtasn1 0.2.13
Free Software Foundation Inc. Libtasn1 0.2.5
Free Software Foundation Inc. Libtasn1 0.2.6
9.8
CVSSv3
CVE-2022-30273
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode ...
Motorolasolutions Mdlc 4.80.0024
Motorolasolutions Mdlc 4.82.004
Motorolasolutions Mdlc 4.83.001
NA
CVE-2007-5421
Rejected reason: Multiple stack-based buffer overflows in Cisco IOS 12.x and IOS XR allow malicious users to execute arbitrary code, as demonstrated via the "Bind Shell", "Reverse Shell", and "Two byte rootshell (Tiny Shell)" attacks. NOTE: the vendo...
6.5
CVSSv3
CVE-2020-25180
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encr...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Isagraf Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
9.8
CVSSv3
CVE-2022-30274
The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB mo...
Motorola Ace1000 Firmware -
7.5
CVSSv3
CVE-2022-34775
Tabit - Excessive data exposure. Another endpoint mapped by the tiny URL was one for reservation cancellation, containing the MongoDB ID of the reservation and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={or...
Tabit Tabit