Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-40044
In WS_FTP Server versions before 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Progress Ws Ftp Server
1 Github repository
8
CVSSv3
CVE-2023-40315
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer....
Opennms Horizon
Opennms Meridian
NA
CVE-2008-5499
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and previous versions, allows remote malicious users to execute arbitrary code via a crafted SWF file.
Adobe Flash Player For Linux 10.0.12.36
Adobe Flash Player For Linux 9.0.124.0
Adobe Flash Player For Linux 9.0.115.0
Adobe Flash Player For Linux
Adobe Flash Player For Linux 9.0.48.0
Adobe Flash Player For Linux 9.0.31
1 EDB exploit
NA
CVE-2016-582384
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to pre...
1 Article
9.1
CVSSv3
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
NA
CVE-2011-2110
Adobe Flash Player prior to 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and previous versions on Android, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in th...
Adobe Flash Player 10.1.52.14.1
Adobe Flash Player 10.1.102.64
Adobe Flash Player 10.0.42.34
Adobe Flash Player 10.0.45.2
Adobe Flash Player 9.0.28
Adobe Flash Player 9.0.260.0
Adobe Flash Player 10.1.92.10
Adobe Flash Player 10.0.15.3
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.246.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 8.0.22.0
Adobe Flash Player 8.0.42.0
Adobe Flash Player 7.0.66.0
Adobe Flash Player 7.0.73.0
Adobe Flash Player 7.0.67.0
Adobe Flash Player 7.1.1
Adobe Flash Player 7.0.14.0
Adobe Flash Player 6.0.79
1 EDB exploit
NA
CVE-2024-27199
In JetBrains TeamCity prior to 2023.11.4 path traversal allowing to perform limited admin actions was possible
12 Github repositories
2 Articles
NA
CVE-2014-8636
The XrayWrapper implementation in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via unspecified v...
Mozilla Firefox
Mozilla Seamonkey
1 EDB exploit
8.6
CVSSv3
CVE-2020-16952
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint applicati...
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
1 Article
NA
CVE-2007-2447
The MS-RPC functionality in smbd in Samba 3.0.0 up to and including 3.0.25rc3 allows remote malicious users to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, a...
Samba Samba 3.0.13
Samba Samba 3.0.14
Samba Samba 3.0.2
Samba Samba 3.0.20
Samba Samba 3.0.22
Samba Samba 3.0.23
Samba Samba 3.0.23a
Samba Samba 3.0.25
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.0
Samba Samba 3.0.14a
Samba Samba 3.0.15
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.2a
Samba Samba 3.0.8
Samba Samba 3.0.9
Samba Samba 3.0.11
Samba Samba 3.0.12
1 EDB exploit
45 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »