No | Text |
1 | Follow security vulnerabilitiesin your favorite software stacks |
No | Text |
1 | Most vulnerabilities most cves per product since 2018 |
2 | Pop****r vendors |
3 | Pop****r products |
4 | Recent vulnerabilities |
No | Text |
1 | Debian - debian linux 1576 vulnerabilities os |
2 | Canonical - ubuntu linux 1131 vulnerabilities linux operating system |
3 | Google - android 1080 vulnerabilities mobile operating system |
4 | Microsoft - windows 10 1040 vulnerabilities |
5 | Microsoft - windows server 2016 1018 vulnerabilities |
6 | Microsoft - windows server 2019 805 vulnerabilities |
7 | Google - chrome 689 vulnerabilities web browser |
8 | Microsoft - windows server 2012 677 vulnerabilities |
9 | Microsoft - windows 8.1 672 vulnerabilities |
10 | Microsoft - windows 7 661 vulnerabilities |
11 | Microsoft - windows server 2008 641 vulnerabilities |
12 | Microsoft - windows rt 8 1 629 vulnerabilities |
13 | Red hat - enterprise linux server 572 vulnerabilities redhat enterprise linux (rhel) server. ıncludes software bundeled with rhel server. |
14 | Red hat - enterprise linux workstation 552 vulnerabilities redhat enterprise linux (rhel) workstation. ıncludes software bundled with rhel workstation. |
15 | Red hat - enterprise linux desktop 543 vulnerabilities redhat enterprise linux (rhel) desktop. ıncludes software bundled with rhel desktop |
16 | Apple - ios 540 vulnerabilities the ios operating system used by iphones. |
17 | Linux - linux kernel 466 vulnerabilities |
18 | Apple - mac osx 444 vulnerabilities macintosh operating system |
19 | Fedora project - fedora 390 vulnerabilities |
20 | Opensuse - leap 351 vulnerabilities |
21 | ın zoho manageengine opmanager before 125144 cve-2020-13818 7.5 - high - june 04, 2020 |
22 | Bad cast in css in google chrome prior to 11.0.0.0 cve-2011-1805 8.8 - high - june 03, 2020 |
23 | ınsufficient policy enforcement in v8 in google chrome prior to 14.0.0.0 cve-2011-2863 6.5 - medium - june 03, 2020 |
24 | Out of bounds write in v8 in google chrome prior to 81.0.4044.92 cve-2020-6419 8.8 - high - june 03, 2020 |
25 | ınappropriate implementation in v8 in google chrome prior to 80.0.3987.162 cve-2020-6453 8.8 - high - june 03, 2020 |
26 | Use after free in webauthentication in google chrome prior to 83.0.4103.97 cve-2020-6493 9.6 - critical - june 03, 2020 |
27 | ınsufficient policy enforcement in developer tools in google chrome prior to 83.0.4103.97 cve-2020-6495 6.5 - medium - june 03, 2020 |
28 | ınappropriate implementation in appcache in google chrome prior to 80.0.3987.87 cve-2020-6499 6.5 - medium - june 03, 2020 |
29 | ınappropriate implementation in interst**ials in google chrome prior to 80.0.3987.87 cve-2020-6500 6.5 - medium - june 03, 2020 |
30 | ınsufficient policy enforcement in csp in google chrome prior to 80.0.3987.87 cve-2020-6501 6.5 - medium - june 03, 2020 |
31 | ıncorrect implementation in permissions in google chrome prior to 80.0.3987.87 cve-2020-6502 6.5 - medium - june 03, 2020 |
32 | ınsufficient policy enforcement in notifications in google chrome prior to 74.0.3729.108 cve-2020-6504 4.3 - medium - june 03, 2020 |
33 | A vulnerability in the web-based management interface of cisco prime ınfrastructure could cve-2020-3339 5.4 - medium - june 03, 2020 |
34 | Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the upgrade a***istant. an authenticated attacker with privileges to write to the kibana index could insert data that would cause kibana to execute arbitrary code. this could possibly lead to an attacker executing code with the permissions of the kibana process on the host system cve-2020-7012 8.8 - high - june 03, 2020 |
35 | Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in tsvb cve-2020-7013 8.8 - high - june 03, 2020 |
36 | Kibana versions before 6.8.9 and 7.7.0 contains a stored xss flaw in the tsvb visualization cve-2020-7015 5.4 - medium - june 03, 2020 |
37 | A vulnerability in cisco webex network recording player and cisco webex player for microsoft windows could cve-2020-3322 3.3 - low - june 03, 2020 |
38 | ıbm security guardium 10.6 cve-2020-4190 6.7 - medium - june 03, 2020 |
39 | An issue was discovered in django 2.2 before 2.2.13 and 3.0 before 3.0.7 cve-2020-13254 7.5 - high - june 03, 2020 |
40 | An issue was discovered in django 2.2 before 2.2.13 and 3.0 before 3.0.7 cve-2020-13596 6.1 - medium - june 03, 2020 |
41 | A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that cve-2020-10749 6 - medium - june 03, 2020 |
42 | Apache ıgnite uses h2 database to build sql distributed execution engine cve-2020-1963 9.1 - critical - june 03, 2020 |
43 | Jenkins project ınheritance plugin 19.08.02 and earlier does not require users to have job/extendedread permission to access ınheritance project job configurations in xml format cve-2020-2197 4.3 - medium - june 03, 2020 |
44 | Jenkins project ınheritance plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getconfigasxml' apı url when transmitting job config.xml data to users without job/configure cve-2020-2198 6.5 - medium - june 03, 2020 |
45 | Jenkins script security plugin 1.72 and earlier does not correctly escape pending or approved cla***path entries on the ın-process script approval page cve-2020-2190 5.4 - medium - june 03, 2020 |
46 | An issue was discovered in the linux kernel before 5.0.6 cve-2019-20811 5.5 - medium - june 03, 2020 |
47 | An issue was discovered in the linux kernel before 5.4.7 cve-2019-20812 5.5 - medium - june 03, 2020 |
48 | Go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the linux kernel before 5.6 does not call snd_card_free for a failure path cve-2019-20810 5.5 - medium - june 03, 2020 |
49 | ın joomla! before 3.9.19 cve-2020-13760 8.8 - high - june 02, 2020 |
50 | ın joomla! before 3.9.19, lack of input validation in the heading tag option of the "articles - newsflash" and "articles - categories" modules cve-2020-13761 6.1 - medium - june 02, 2020 |
No | Text |
1 | ın zoho manageengine opmanager before 125144, when <cachestart> is used, directory traversal validation can be bypa***ed. |
2 | Bad cast in css in google chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted html page. |
3 | ınsufficient policy enforcement in v8 in google chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted html page. |
4 | Out of bounds write in v8 in google chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted html page. |
5 | ınappropriate implementation in v8 in google chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted html page. |
6 | Use after free in webauthentication in google chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted html page. |
7 | ınsufficient policy enforcement in developer tools in google chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted chrome extension. |
8 | ınappropriate implementation in appcache in google chrome prior to 80.0.3987.87 allowed a remote attacker to bypa*** appcache security restrictions via a crafted html page. |
9 | ınappropriate implementation in interst**ials in google chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the omnibox (url bar) via a crafted html page. |
10 | ınsufficient policy enforcement in csp in google chrome prior to 80.0.3987.87 allowed a remote attacker to bypa*** content security policy via a crafted html page. |
11 | ıncorrect implementation in permissions in google chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security uı via a crafted html page. |
12 | ınsufficient policy enforcement in notifications in google chrome prior to 74.0.3729.108 allowed a remote attacker to bypa*** notification restrictions via a crafted html page. |
13 | A vulnerability in the web-based management interface of cisco prime ınfrastructure could allow an authenticated, remote attacker to conduct sql injection attacks on an affected system. the vulnerability is due to improper validation of user-submitted parameters. an attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. a successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database. |
14 | Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the upgrade a***istant. an authenticated attacker with privileges to write to the kibana index could insert data that would cause kibana to execute arbitrary code. this could possibly lead to an attacker executing code with the permissions of the kibana process on the host system. |
15 | Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in tsvb. an authenticated attacker with privileges to create tsvb visualizations could insert data that would cause kibana to execute arbitrary code. this could possibly lead to an attacker executing code with the permissions of the kibana process on the host system. |
16 | Kibana versions before 6.8.9 and 7.7.0 contains a stored xss flaw in the tsvb visualization. an attacker who is able to edit or create a tsvb visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of kibana users who edit the tsvb visualization. |
17 | A vulnerability in cisco webex network recording player and cisco webex player for microsoft windows could allow an attacker to cause a process crash resulting in a denial of service (dos) condition for the player application on an affected system. the vulnerability exists due to insufficient validation of certain elements with a webex recording stored in either the advanced recording format (arf) or the webex recording format (wrf). an attacker could exploit this vulnerability by sending a user a malicious arf or wrf file through a link or email attachment and persuading the user to open the file with the affected software on the local system. a successful exploit could allow the attacker to cause the webex player application to crash when trying to view the malicious file. |
18 | ıbm security guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a pa***word or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. ıbm x-force ıd: 174851. |
19 | An issue was discovered in django 2.2 before 2.2.13 and 3.0 before 3.0.7. ın cases where a memcached backend does not perform key validation, pa***ing malformed cache keys could result in a key collision, and potential data leakage. |
20 | An issue was discovered in django 2.2 before 2.2.13 and 3.0 before 3.0.7. query parameters generated by the django admin foreignkeyrawıdwidget were not properly url encoded, leading to a possibility of an xss attack. |
21 | A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in kubernetes clusters to perform man-in-the-middle (mitm) attacks. a malicious container can exploit this flaw by sending rogue ıpv6 router advertis*****ts to the host or other containers, to redirect traffic to the malicious container. |
22 | Apache ıgnite uses h2 database to build sql distributed execution engine. h2 provides sql functions which could be used by attacker to access to a filesystem. |
23 | Jenkins project ınheritance plugin 19.08.02 and earlier does not require users to have job/extendedread permission to access ınheritance project job configurations in xml format. |
24 | Jenkins project ınheritance plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getconfigasxml' apı url when transmitting job config.xml data to users without job/configure. |
25 | Jenkins script security plugin 1.72 and earlier does not correctly escape pending or approved cla***path entries on the ın-process script approval page, resulting in a stored cross-site scripting vulnerability. |
26 | An issue was discovered in the linux kernel before 5.0.6. ın rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka cıd-a3e23f719f5c. |
27 | An issue was discovered in the linux kernel before 5.4.7. the prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (cpu consumption and soft lockup) in a certain failure case involving tpacket_v3, aka cıd-b43d1f9f7067. |
28 | Go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka cıd-9453264ef586. |
29 | ın joomla! before 3.9.19, missing token checks in com_postinstall lead to csrf. |
30 | ın joomla! before 3.9.19, lack of input validation in the heading tag option of the "articles - newsflash" and "articles - categories" modules allows xss. |
No | Text |
1 | stack (2) |
Icon | Domain | IP | Alexa Rank |
Mempool.observer | 104.28.25.10 | 1.446.830 | |
Hdkf.me | 104.28.25.107 | 132.148 | |
Mangadog.club | 104.28.25.108 | 135.877 | |
Galido.net | 104.28.25.111 | 118.435 | |
Textfac.es | 104.28.25.113 | 77.096 | |
Xvideosx.blog.br | 104.28.25.125 | 1.369.051 | |
Filescracks.com | 104.28.25.127 | 278.209 | |
Ftuapps.dev | 104.28.25.149 | 94.044 | |
Scholars***pair.com | 104.28.25.152 | 101.870 | |
Freenewgame.com | 104.28.25.159 | 145.105 | |
Rsarabia.com | 104.28.25.16 | 197.315 | |
Nextfriend.net | 104.28.25.184 | 363.069 | |
Akhbarrasmi.com | 104.28.25.20 | 20.868 | |
Ybcbd.org | 104.28.25.203 | 3.332.297 | |
Coronaaware.co.za | 104.28.25.204 | 456.456 | |
Epic7X.com | 104.28.25.207 | 47.577 | |
Potyarkin.ml | 104.28.25.219 | - | |
Healthisfood.com | 104.28.25.225 | 123.900 | |
D-Designstudio.com | 104.28.25.23 | 805.479 | |
Vidfaster.com | 104.28.25.234 | 141.916 | |
Pewterreport.com | 104.28.25.25 | 97.789 | |
Redbook-Ua.org | 104.28.25.251 | 239.613 | |
Shriresume.com | 104.28.25.26 | 130.525 | |
Bitso.ir | 104.28.25.31 | 64.098 | |
Polr.me | 104.28.25.32 | 461.686 | |
Thefappeningcelebs.com | 104.28.25.4 | 95.333 | |
Motivationalbuddies.com | 104.28.25.41 | 298.969 | |
Iftiseo.com | 104.28.25.42 | 63.842 | |
Starbarters.io | 104.28.25.47 | 166.836 | |
Thedatingdivas.com | 104.28.25.51 | 116.528 | |
Portalgiro.com | 104.28.25.51 | 880.186 | |
Appflox.com | 104.28.25.51 | 772.372 | |
Gananci.org | 104.28.25.52 | 61.811 | |
Billings.life | 104.28.25.54 | 1.910.258 | |
Sigkill.kr | 104.28.25.57 | 482.093 | |
Mariecolvin.org | 104.28.25.57 | - | |
Eefkooktzo.nl | 104.28.25.58 | 833.387 | |
Jwdriveplayer.com | 104.28.25.58 | 1.145.455 | |
Dukereport.com | 104.28.25.58 | 3.089.900 | |
Zonejo.com | 104.28.25.71 | 154.366 | |
Chengduliving.com | 104.28.25.75 | 1.433.822 | |
Skepchick.org | 104.28.25.86 | 177.519 | |
Newzy.fr | 104.28.25.89 | - | |
Rimnow.mr | 104.28.25.99 | 100.015 | |
Dyno.gg | 104.28.25.99 | 33.130 |