Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-27679
Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS 1.3.6 allows remote malicious users to inject arbitrary web script or HTML via the field name.
Batflat Batflat 1.3.6
9.8
CVSSv3
CVE-2021-27691
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote malicious users to execute arbitrary OS commands via a crafted ...
Tendacn G0 Firmware 15.11.0.5\\(5876\\) Cn
Tendacn G0 Firmware 15.11.0.6\\(9039\\) Cn
Tendacn G1 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
9.8
CVSSv3
CVE-2021-27693
Server-side Request Forgery (SSRF) vulnerability in PublicCMS prior to 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.
Publiccms Publiccms
6.1
CVSSv3
CVE-2021-27695
Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote malicious users to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters.
Openmaint Openmaint 2.1-3.3-b
9.8
CVSSv3
CVE-2021-27697
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.
Riot-os Riot 2021.01
9.8
CVSSv3
CVE-2021-27705
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote malicious users to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "...
Tenda G1 Firmware V15.11.0.17\\(9502\\) Cn
Tenda G3 Firmware V15.11.0.17\\(9502\\) Cn
9.8
CVSSv3
CVE-2021-27707
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote malicious users to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the par...
Tenda G1 Firmware V15.11.0.17\\(9502\\) Cn
Tenda G3 Firmware V15.11.0.17\\(9502\\) Cn
9.8
CVSSv3
CVE-2021-27708
Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote malicious users to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function exe...
Totolink X5000r Firmware 9.1.0u.6118 B20201102
Totolink A720r Firmware 4.1.5cu.470 B20200911
9.8
CVSSv3
CVE-2021-27715
An issue exists in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows malicious users to bypass the authentication and execute arbitrary code via crafted HTTP request.
Mofinetwork Mofi4500-4gxelte-v2 Firmware 3.5.6-xnet-5052
9.8
CVSSv3
CVE-2021-27730
Accellion FTA 9_12_432 and previous versions is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later.
Accellion Fta
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »