Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2020-11900
The Treck TCP/IP stack prior to 6.0.1.41 has an IPv4 tunneling Double Free.
Treck Tcp\\/ip
9
CVSSv3
CVE-2020-11901
The Treck TCP/IP stack prior to 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
Treck Tcp\\/ip
1 Github repository
7.3
CVSSv3
CVE-2020-11902
The Treck TCP/IP stack prior to 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
Treck Tcp\\/ip
NA
CVE-2005-0735
newsscript.pl for NewsScript allows remote malicious users to gain privileges by setting the mode parameter to admin.
Newsscript.co.uk Newsscript
1 EDB exploit
NA
CVE-2005-1398
phpcart.php in PHPCart 3.2 allows remote malicious users to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 up to and including 4.6.4 are also affected.
Phpcart Phpcart 3.2
Phpcart Phpcart 3.4
Phpcart Phpcart 4.6.4
1 EDB exploit
NA
CVE-2004-2699
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote malicious users to delete arbitrary product images via a modified ProductID parameter.
Aspdotnetstorefront Aspdotnetstorefront 3.3
1 EDB exploit
NA
CVE-2006-6919
Firefox Sage extension 1.3.8 and previous versions allows remote malicious users to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element...
Sage-mozdev Sage
1 EDB exploit
NA
CVE-2006-3329
SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote malicious users to execute arbitrary SQL commands via the rate parameter.
Deltascripts Php Classifieds 6.04
1 EDB exploit
8.1
CVSSv3
CVE-2018-17215
An information-disclosure issue exists in Postman up to and including 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. ...
Postman Postman
NA
CVE-2005-0494
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
Thomson Thomson Cable Modem Tcw690
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »