Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intercom intercom vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-14365
The Intercom plugin up to and including 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).
Intercom Intercom
8.1
CVSSv3
CVE-2017-10815
MaLion for Windows 5.2.1 and previous versions (only when "Remote Control" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed) allow remote malicious users to bypass authentication to execute arbitrary commands or operatio...
Intercom Malion
9.8
CVSSv3
CVE-2017-10816
SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote malicious users to execute arbitrary SQL commands via Relay Service Server.
Intercom Malion
9.8
CVSSv3
CVE-2017-10817
MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote malicious users to bypass authentication to alter settings in Relay Service Server.
Intercom Malion
9.8
CVSSv3
CVE-2017-10818
MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an malicious user to alter the connection settings of Terminal Agent and spoof the Relay Service.
Intercom Malion
5.9
CVSSv3
CVE-2017-10819
MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, which may allow an malicious user to eavesdrop on an encrypted communication.
Intercom Malion
NA
CVE-2014-2006
Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x prior to 3.0.030 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Intercom Web Kyukincho 3.0
NA
CVE-2014-3881
Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x prior to 3.0.030 allows remote malicious users to hijack the authentication of arbitrary users.
Intercom Web Kyukincho 3.0
9.8
CVSSv3
CVE-2023-6895
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to...
Hikvision Intercom Broadcast System
4 Github repositories
NA
CVE-2024-29206
An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Affected Products: UniFi Connect EV Station (Version 1.1.18 and previous versions) UniFi Connect EV Station Pro (Vers...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »