Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
will drewry vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-2488
The IAX2 channel driver (chan_iax2) in Asterisk prior to 20070504 does not properly null terminate data, which allows remote malicious users to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application ...
Asterisk Asterisk
10
CVSSv2
CVE-2006-3738
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions has unspecified impact and remote attack vectors involving a long list of ciphers.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.8
9.3
CVSSv2
CVE-2009-0950
Stack-based buffer overflow in Apple iTunes prior to 8.2 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
Apple Itunes 1.0
Apple Itunes 1.1.1
Apple Itunes 1.1.2
Apple Itunes 2.0.1
Apple Itunes 2.0.2
Apple Itunes 2.0.3
Apple Itunes 2.0.4
Apple Itunes 3.0
Apple Itunes 3.0.1
Apple Itunes 4.0.1
Apple Itunes 4.1
Apple Itunes 4.2
Apple Itunes 4.5
Apple Itunes 4.5.0
Apple Itunes 4.6
Apple Itunes 4.7
Apple Itunes 4.7.1
Apple Itunes 4.8.0
Apple Itunes 4.8
Apple Itunes 4.9
Apple Itunes 5.0.0
Apple Itunes 6.0.0
4 EDB exploits
9.3
CVSSv2
CVE-2007-4771
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and previous versions allows context-dependent malicious users to cause a denial of service (memory consumption) and possibly have unspecified other...
Icu-project International Components For Unicode
9.3
CVSSv2
CVE-2007-3762
Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk prior to 1.2.22 and 1.4.x prior to 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit prior to 0.5.0, and s800i prior to 1.0.2 allows remote malicious users to ex...
Asterisk Asterisk 1.0.6
Asterisk Asterisk 1.0.7
Asterisk Asterisk 1.2.12
Asterisk Asterisk 1.2.13
Asterisk Asterisk 1.2.8
Asterisk Asterisk 1.2.9
Asterisk Asterisk B.1.3.3
Asterisk Asterisk B.2.2.0
Asterisk Asterisk 1.0
Asterisk Asterisk 1.0.10
Asterisk Asterisk 1.2.0 Beta1
Asterisk Asterisk 1.0.11
Asterisk Asterisk 1.0.12
Asterisk Asterisk 1.2.10
Asterisk Asterisk 1.2.11
Asterisk Asterisk 1.2.5
Asterisk Asterisk 1.2.6
Asterisk Asterisk 1.2.7
Asterisk Asterisk A
Asterisk Asterisk B.1.3.2
Asterisk Asterisk 1.2.0 Beta2
Asterisk Asterisk 1.2.16
7.8
CVSSv2
CVE-2007-2294
The Manager Interface in Asterisk prior to 1.2.18 and 1.4.x prior to 1.4.3 allows remote malicious users to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dere...
Asterisk Asterisk 1.2.11
Asterisk Asterisk 1.2.12
Asterisk Asterisk 1.2.6
Asterisk Asterisk 1.2.7
Asterisk Asterisk 1.2.8
Asterisk Asterisk 1.2.0 Beta2
Asterisk Asterisk 1.2.10
Asterisk Asterisk 1.2.17
Asterisk Asterisk 1.2.5
Asterisk Asterisk 1.2.13
Asterisk Asterisk 1.2.14
Asterisk Asterisk 1.2.9
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.2.0 Beta1
Asterisk Asterisk 1.2.15
Asterisk Asterisk 1.2.16
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4 Beta
7.8
CVSSv2
CVE-2007-2297
The SIP channel driver (chan_sip) in Asterisk prior to 1.2.18 and 1.4.x prior to 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote malicious users to cause a denial of service (crash).
Asterisk Asterisk 1.2.0 Beta2
Asterisk Asterisk 1.2.10
Asterisk Asterisk 1.2.17
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.2.0 Beta1
Asterisk Asterisk 1.2.15
Asterisk Asterisk 1.2.16
Asterisk Asterisk 1.2.11
Asterisk Asterisk 1.2.12
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4 Beta
Asterisk Asterisk 1.2.13
Asterisk Asterisk 1.2.14
7.8
CVSSv2
CVE-2007-1561
The channel driver in Asterisk prior to 1.2.17 and 1.4.x prior to 1.4.2 allows remote malicious users to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.
Asterisk Asterisk 1.2.15
Asterisk Asterisk 1.2.16
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.2.14
1 EDB exploit
7.8
CVSSv2
CVE-2007-1306
Asterisk 1.4 prior to 1.4.1 and 1.2 prior to 1.2.16 allows remote malicious users to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.13
Digium Asterisk 1.2 Beta1
Digium Asterisk 1.2 Beta2
Digium Asterisk 1.2.11
Digium Asterisk 1.2.12
Digium Asterisk 1.2.8
Digium Asterisk 1.2.9
Digium Asterisk 1.2.0 Beta1
Digium Asterisk 1.2.14
Digium Asterisk 1.2.15
Digium Asterisk 1.4.0
Digium Asterisk 1.4.0 Beta1
Digium Asterisk 1.4.0 Beta2
Digium Asterisk 1.2.0 Beta2
Digium Asterisk 1.2.10
Digium Asterisk 1.2.6
Digium Asterisk 1.2.7
1 EDB exploit
7.8
CVSSv2
CVE-2006-2940
OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certif...
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.8
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.6f
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »