Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
10
CVSSv2
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
10
CVSSv2
CVE-2003-0255
The key validation code in GnuPG prior to 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
Gnu Privacy Guard
4.3
CVSSv2
CVE-2006-0110
Cross-site scripting (XSS) vulnerability in escribir.php in Foro Domus 2.10 allows remote malicious users to inject arbitrary web script via the email parameter.
Javier Suarez Sanz Foro Domus 2.10
1 EDB exploit
6.8
CVSSv2
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 up to and including 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle malicious users to spoof this server and provide an invalid package, an...
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 5.3.1.2
Cisco Firesight System Software 5.4.0.1
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
1 Github repository
6.8
CVSSv2
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted malicious users to modify arbitrary files via ".." (dot dot) sequences in a patch file.
Mercurial Mercurial 1.0.1
7.5
CVSSv2
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
NA
CVE-2022-20860
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not valida...
Cisco Nexus Dashboard
5
CVSSv2
CVE-2001-0418
content.pl script in NCM Content Management System allows remote malicious users to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
Ncm Ncm Content Management System
1 EDB exploit
4.3
CVSSv2
CVE-2006-2089
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
Mysmartbb Mysmartbb 1.1.3
Mysmartbb Mysmartbb 1.1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »