Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1122 1 Monkey-project 1 Monkey 2025-04-03 N/A
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").
CVE-2003-1209 1 Monkey-project 1 Monkey 2025-04-03 N/A
The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header.
CVE-2002-1663 1 Monkey-project 1 Monkey 2025-04-03 N/A
The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.
CVE-2013-2183 1 Monkey-project 1 Monkey 2024-11-21 7.1 High
Monkey HTTP Daemon has local security bypass
CVE-2013-2159 1 Monkey-project 1 Monkey 2024-11-21 9.8 Critical
Monkey HTTP Daemon: broken user name authentication
CVE-2013-1771 1 Monkey-project 1 Monkey 2024-11-21 7.5 High
The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.
CVE-2012-5303 1 Monkey-project 1 Monkey 2024-08-06 N/A
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname.
CVE-2012-4442 1 Monkey-project 1 Monkey 2024-08-06 N/A
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check.
CVE-2012-4443 1 Monkey-project 1 Monkey 2024-08-06 N/A
Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access.