Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wood vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-11636
Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack.
Z.cash Zcash 2.0.5
Z.cash Zcash
1 Github repository
NA
CVE-2001-1156
TYPSoft FTP 0.95 allows remote malicious users to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.
Typsoft Typsoft Ftp Server 0.95
1 EDB exploit
NA
CVE-2005-1077
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote malicious users to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Xampp Apache Distribution 0.3
Xampp Apache Distribution 1.4.1
Xampp Apache Distribution 1.4.3
Xampp Apache Distribution 1.4.4
Xampp Apache Distribution 1.4.5
Xampp Apache Distribution 1.4.11
Xampp Apache Distribution 1.4.12
Xampp Apache Distribution 1.4.8
Xampp Apache Distribution 1.4.9
Xampp Apache Distribution 0.1
Xampp Apache Distribution 0.2
Xampp Apache Distribution 1.4.13
Xampp Apache Distribution 1.4.2
Xampp Apache Distribution 1.4.10
Xampp Apache Distribution 1.4.10a
Xampp Apache Distribution 1.4.6
Xampp Apache Distribution 1.4.7
1 EDB exploit
NA
CVE-2005-1078
XAMPP 1.4.x has multiple default or null passwords, which allows malicious users to gain privileges.
Xampp Apache Distribution 0.2
Xampp Apache Distribution 0.3
Xampp Apache Distribution 1.4.2
Xampp Apache Distribution 1.4.3
Xampp Apache Distribution 1.4.10a
Xampp Apache Distribution 1.4.11
Xampp Apache Distribution 1.4.6
Xampp Apache Distribution 1.4.7
Xampp Apache Distribution 0.1
Xampp Apache Distribution 1.4.12
Xampp Apache Distribution 1.4.13
Xampp Apache Distribution 1.4.8
Xampp Apache Distribution 1.4.9
Xampp Apache Distribution 1.4.1
Xampp Apache Distribution 1.4.10
Xampp Apache Distribution 1.4.4
Xampp Apache Distribution 1.4.5
1 EDB exploit
NA
CVE-2005-2035
SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote malicious users to execute arbitrary SQL commands via the password.
Cool Cafe Chat Cool Cafe Chat 1.2.1
1 EDB exploit
NA
CVE-2005-1606
H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.
Positive Software H-sphere Winbox 2.4.2 Patch 4
Positive Software H-sphere Winbox 2.4.3 Rc1
1 EDB exploit
NA
CVE-2005-0420
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote malicious users to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Microsoft Exchange Server 2003
1 EDB exploit
NA
CVE-2015-5603
The HipChat for JIRA plugin prior to 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
Atlassian Hipchat
2 EDB exploits
NA
CVE-2014-0647
The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which allows malicious users to discover usernames, passwords, and e-mail addresses via a...
Starbucks Starbucks 2.6.1
NA
CVE-2013-6986
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows malicious users to obtain sensitive information by reading data elements, as demonstrated by password elements.
Zippyyum Subway Ordering For California 3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »