Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yelp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39928
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger t...
Webkitgtk Webkitgtk 2.40.5
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
NA
CVE-2023-41074
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
NA
CVE-2023-41993
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Apple Macos
Apple Ipados
Apple Iphone Os
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Oracle Graalvm 21.3.9
Oracle Graalvm 20.3.13
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
7 Github repositories
2 Articles
NA
CVE-2023-0263
The WP Yelp Review Slider WordPress plugin prior to 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
Ljapps Wp Yelp Review Slider
605
VMScore
CVE-2018-10406
An issue exists in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malic...
Yelp Osxcollector
383
VMScore
CVE-2010-1207
Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote malicious users to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.4
Mozilla Firefox
Mozilla Firefox 3.6.3
Mozilla Thunderbird
828
VMScore
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
828
VMScore
CVE-2010-1209
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to th...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.0.2
383
VMScore
CVE-2010-1210
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote malicious users to conduct cross-site scrip...
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Firefox 3.1
Mozilla Firefox 3.0
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.12
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.19
Mozilla Firefox 2.0.0.20
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.2
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
828
VMScore
CVE-2010-1211
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allow remote malicious users to cause a denial of service (memory ...
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Thunderbird 3.0.2
Mozilla Thunderbird 3.0.3
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.1
Mozilla Seamonkey 1.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »