Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trunk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22741
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_...
Signalwire Sofia-sip
NA
CVE-2022-45907
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
Linuxfoundation Pytorch
NA
CVE-2022-29277
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purl...
Amd Genoa Firmware
Amd Hygon 1 Firmware
Amd Hygon 2 Firmware
Amd Hygon 3 Firmware
Amd Milan Firmware
Amd Rome Firmware
Amd Ryzen 5300g Firmware
Amd Ryzen 5300ge Firmware
Amd Ryzen 5600g Firmware
Amd Ryzen 5600ge Firmware
Amd Ryzen 5600x Firmware
Amd Ryzen 5700g Firmware
Amd Ryzen 5700ge Firmware
Amd Ryzen 5800x Firmware
Amd Ryzen 5800x3d Firmware
Amd Ryzen 5900x Firmware
Amd Ryzen 5950x Firmware
Amd Snowy Owl R1000 Firmware
Amd Snowy Owl R2000 Firmware
Amd Snowy Owl V2000 Firmware
Amd Snowy Owl V3000 Firmware
Intel Alder Lake Firmware
187
VMScore
CVE-2021-42361
The Contact Form Email WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the name parameter found in the ~/trunk/cp-admin-int-list.inc.php file which allowed attackers with administrative user access to inject arbi...
Codepeople Contact Form Email
312
VMScore
CVE-2021-39355
The Indeed Job Importer WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/indeed-job-importer/trunk/indeed-job-importer.php file which allowed attackers with administrative use...
Indeed-job-importer Project Indeed-job-importer
605
VMScore
CVE-2021-34619
The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.
Storeapps Stock Manager For Woocommerce
445
VMScore
CVE-2021-27212
In OpenLDAP up to and including 2.4.57 and 2.5.x up to and including 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_...
Openldap Openldap 2.5.1
Openldap Openldap 2.5.0
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2020-36221
An integer underflow exists in OpenLDAP prior to 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
445
VMScore
CVE-2020-36222
A flaw exists in OpenLDAP prior to 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
446
VMScore
CVE-2020-36223
A flaw exists in OpenLDAP prior to 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »