Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.8 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2024-3813
The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. This makes it possible for authenticated attackers, with contributor-leve...
NA
CVE-2024-4595
A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publi...
NA
CVE-2024-31012
An issue exists in SEMCMS v.4.8, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via the upload.php file.
7.5
CVSSv3
CVE-2022-47375
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIM...
Siemens 6es7412-2ek07-0ab0 Firmware
Siemens 6es7414-3em07-0ab0 Firmware
Siemens 6es7414-3fm07-0ab0 Firmware
Siemens 6es7416-3es07-0ab0 Firmware
Siemens 6es7416-3fs07-0ab0 Firmware
Siemens 6ag1414-3em07-7ab0 Firmware
Siemens 6ag1416-3es07-7ab0 Firmware
Siemens Sinamics S120 Firmware -
Siemens Sinamics S120 Firmware 4.7
Siemens Sinamics S120 Firmware 4.8
Siemens Sinamics S120 Firmware 4.9
Siemens Sinamics S120 Firmware 5.0
Siemens Sinamics S120 Firmware 5.1
Siemens Sinamics S120 Firmware 5.2
Siemens Simatic Pc-station Plus Firmware
9.8
CVSSv3
CVE-2023-36049
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 4.8.1
Microsoft .net Framework 3.5.1
Microsoft .net 8.0.0
Microsoft .net
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2023-30546
Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contiki-NG operating system in versions 4.8 and prior. The problem exists in the Contiki File System (CFS) backend for the stor...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly esc...
Linux Linux Kernel 5.17
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
1 Github repository
9.8
CVSSv3
CVE-2021-43267
An issue exists in net/tipc/crypto.c in the Linux kernel prior to 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote malicious users to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Linux Linux Kernel
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
2 Github repositories
2 Articles
5.5
CVSSv3
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2004 -
Microsoft Windows Server 20h2 -
Microsoft Windows Server 1903
Microsoft Windows Server 1909
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Synology Directory Server
Samba Samba
Debian Debian Linux 9.0
Oracle Zfs Storage Appliance Kit 8.8
1 Metasploit module
160 Github repositories
18 Articles
7.8
CVSSv3
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »