Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vagrant vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-15884
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
Hashicorp Vagrant Vmware Fusion 5.0.0
1 EDB exploit
7
CVSSv3
CVE-2017-16839
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed.
Hashicorp Vagrant Vmware Fusion 5.0.4
7.8
CVSSv3
CVE-2022-37009
In JetBrains IntelliJ IDEA prior to 2022.2 local code execution via a Vagrant executable was possible
Jetbrains Intellij Idea
NA
CVE-2016-0495
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.36 and 5.0.14 allows remote malicious users to affect availability via unknown vectors related to Core.
Oracle Vm Virtualbox
Debian Debian Linux 8.0
NA
CVE-2016-0592
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.36 and prior to 5.0.14 allows local users to affect availability via unknown vectors related to Core.
Oracle Vm Virtualbox
Debian Debian Linux 9.0
Debian Debian Linux 8.0
NA
CVE-2007-2879
Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote malicious users to inject arbitrary web script or HTML via the month parameter.
Gnuturk Gnuturk Portal System 3g
1 EDB exploit
NA
CVE-2007-2887
Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the No parameter in the Sayfa page.
Forsnet Web Icerik Yonetim Sistemi 1.0
1 EDB exploit
NA
CVE-2007-2892
Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote malicious users to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Asp-nuke Asp-nuke 2.0.7
1 EDB exploit
NA
CVE-2007-3055
Cross-site scripting (XSS) vulnerability in index.php in Codelib Linker 2.0.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the cat parameter.
Codelib Linker
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2