Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost ghost vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43441
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.
Ghost Sqlite3
9.8
CVSSv3
CVE-2022-30257
An issue exists in Technitium DNS Server up to and including 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit wou...
Technitium Dns Server
9.8
CVSSv3
CVE-2022-30258
An issue exists in Technitium DNS Server up to and including 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit wou...
Technitium Dns Server
9.8
CVSSv3
CVE-2022-27139
An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows malicious users to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authe...
Ghost Ghost 4.39.0
9.8
CVSSv3
CVE-2022-28397
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows malicious users to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted u...
Ghost Ghost 4.42.0
9.8
CVSSv3
CVE-2020-35185
The official ghost docker images prior to 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank pass...
Docker Ghost Alpine Docker Image
9.1
CVSSv3
CVE-2020-3419
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote malicious user to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable...
Cisco Webex Meetings Server
Cisco Webex Meetings Server 3.0
Cisco Webex Meetings Server 4.0
8.1
CVSSv3
CVE-2020-8134
Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an malicious user to scan local or external network or otherwise interact with internal systems.
Ghost Ghost
8.1
CVSSv3
CVE-2017-8563
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM)...
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2012 R2
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows Server 2008 R2
Microsoft Windows Rt 8.1
Microsoft Windows Server 2016
Microsoft Windows 8.1
Microsoft Windows Server 2012 -
3 Github repositories
1 Article
7.8
CVSSv3
CVE-2016-6590
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 before 8.0 HF4 and Suite 7.6 before 7.6 HF7, Symantec Ghost Solution Suite 3.1 before 3.1 MP4, Symantec Endpoint Virtualization 7.x before 7.6 HF7, and Syma...
Symantec Encryption Desktop
Symantec Endpoint Encryption
Symantec Endpoint Encryption 7.6
Symantec Ghost Solution Suite 3.1
Symantec It Management Suite 7.6
Symantec It Management Suite 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »