Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
compass security vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-37502
HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser.
Hcltech Hcl Compass
Hcltech Hcl Compass 2.1.0
7.5
CVSSv3
CVE-2020-1113
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2019 1903
Microsoft Windows Server 2019 1909
1 Github repository
9.8
CVSSv3
CVE-2009-1048
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 prior to 6.5.20, 7.1 prior to 7.1.39, and 7.3 prior to 7.3.14 allows remote malicious users to bypass authentication, and reconfigure the phone or make arbitrary use o...
Snom Snom 300 Firmware
Snom Snom 320 Firmware
Snom Snom 360 Firmware
Snom Snom 370 Firmware
Snom Snom 820 Firmware
NA
CVE-2007-0005
Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel prior to 2.6.21-rc3 allow local users to gain privileges.
Omnikey.aaitg Omnikey Cardman 4040
1 EDB exploit
8.8
CVSSv3
CVE-2018-6563
Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway prior to 6.0.0_Build_371 allow remote malicious users to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information b...
Totemo Encryption Gateway
1 EDB exploit
7.5
CVSSv3
CVE-2017-7185
Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and previous versions and Mongoose OS 1.2 and previous versions allows remote malicious users to cause a denial of service (crash) vi...
Cesanta Mongoose Os
Cesanta Mongoose Embedded Web Server Library
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started