Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-20151
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions based on IP address rather than verifying client cookies/session tokens/etc. This allows an attacker (whether from a dif...
Trendnet Tew-827dru Firmware 2.08b01
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1147 Github repositories
28 Articles
10
CVSSv3
CVE-2020-26301
ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method...
Ssh2 Project Ssh2
10
CVSSv3
CVE-2021-37181
A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Compact V4.0 (All versions), Desigo CC Compact V4.1 (All versions), Desigo CC Com...
Siemens Cerberus Dms 4.0
Siemens Cerberus Dms 4.1
Siemens Cerberus Dms 4.2
Siemens Cerberus Dms 5.0
Siemens Desigo Cc 4.0
Siemens Desigo Cc 4.1
Siemens Desigo Cc 4.2
Siemens Desigo Cc 5.0
Siemens Desigo Cc Compact 4.0
Siemens Desigo Cc Compact 4.1
Siemens Desigo Cc Compact 4.2
Siemens Desigo Cc Compact 5.0
10
CVSSv3
CVE-2021-32671
Flarum is a forum software for building communities. Flarum's translation system allowed for string inputs to be converted into HTML DOM nodes when rendered. This change was made after v0.1.0-beta.16 (our last beta before v1.0.0) and was not noticed or documented. This allow...
Flarum Flarum 1.0.0
Flarum Flarum 1.0.1
10
CVSSv3
CVE-2020-29492
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.
Dell Wyse Thinos
1 Article
10
CVSSv3
CVE-2015-0565
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
Google Native Client 2015
2 EDB exploits
2 Github repositories
10
CVSSv3
CVE-2019-16650
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virt...
Supermicro X11dai-n Firmware 1.71.5
Supermicro X11dac Firmware 1.71.5
Supermicro X11dph-tq Firmware 1.71.5
Supermicro X11dph-i Firmware 1.71.5
Supermicro X11dph-t Firmware 1.71.5
Supermicro X11dps-re Firmware 1.71.5
Supermicro X11dsf-e Firmware 1.71.5
Supermicro X11dsn-ts Firmware 1.71.5
Supermicro X11dsn-tsq Firmware 1.71.5
Supermicro X11dsc\\+ Firmware 1.74
Supermicro X11ddw-nt Firmware 1.71.5
Supermicro X11ddw-l Firmware 1.71.5
Supermicro X11dgq Firmware 1.71.5
Supermicro X11dpff-sn Firmware 1.71.5
Supermicro X11dpfr-sn Firmware 1.71.5
Supermicro X11dpfr-s Firmware 1.71.5
Supermicro X11dpt-ps Firmware 1.71.5
Supermicro X11dpt-b Firmware 1.71.5
Supermicro X11dpt-bh Firmware 1.71.5
Supermicro X11dpt-l Firmware 3.74
Supermicro X11dpu Firmware 1.71.5
Supermicro X11dpu-v Firmware 1.71.5
10
CVSSv3
CVE-2019-11708
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result ...
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
1 EDB exploit
5 Github repositories
1 Article
10
CVSSv3
CVE-2019-11510
In Pulse Secure Pulse Connect Secure (PCS) 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
1 EDB exploit
25 Github repositories
9 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »