Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
h00die vulnerabilities and exploits
(subscribe to this query)
715
VMScore
CVE-2009-4753
Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote malicious users to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command.
Nas Adapter Nasu2fw41 1.17
Nas Adapter Nasu2fw41
1 EDB exploit
NA
CVE-2024-30850
An issue in tiagorlampert CHAOS v5.0.1 allows a remote malicious user to execute arbitrary code via the BuildClient function within client_service.go
NA
CVE-2021-458439
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected.
642
VMScore
CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appli...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
2 Github repositories
1 Article
NA
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote malicious user to execute arbitrary code via the login.php component.
1 Github repository
NA
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vmware Photon Os 4.0
Vmware Photon Os 3.0
578
VMScore
CVE-2020-5741
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated malicious user to execute arbitrary Python code.
Plex Media Server
NA
CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and previous versions, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working director...
Linuxfoundation Runc
Fedoraproject Fedora 39
22 Github repositories
1 Article
668
VMScore
CVE-2020-12800
The drag-and-drop-multiple-file-upload-contact-form-7 plugin prior to 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.
Codedropz Drag And Drop Multiple File Upload - Contact Form 7
2 Github repositories
NA
CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 up to and including 0.7.1 allows remote malicious users to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
Provectus Ui
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »