Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivan huertas vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2016-1489
Lenovo SHAREit prior to 3.2.0 for Windows and SHAREit prior to 3.5.48_ww for Android transfer files in cleartext, which allows remote malicious users to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vector...
Lenovo Shareit
1 Article
4.1
CVSSv3
CVE-2016-1490
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows allows remote malicious users to obtain sensitive file names via a crafted file request to /list.
Lenovo Shareit
1 Article
8.8
CVSSv3
CVE-2016-1491
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit
1 Article
6.1
CVSSv3
CVE-2016-1492
The Wifi hotspot in Lenovo SHAREit prior to 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit 3.0.18 Ww
1 Article
NA
CVE-2018-07103
QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.
7.5
CVSSv3
CVE-2018-12023
An issue exists in FasterXML jackson-databind before 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possi...
Fasterxml Jackson-databind
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Retail Merchandising System 15.0
Redhat Openshift Container Platform 3.11
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Single Sign-on 7.3
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
8.8
CVSSv3
CVE-2018-0708
Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and previous versions could allow authenticated users to run arbitrary commands.
Qnap Q\\'center
1 EDB exploit
8.8
CVSSv3
CVE-2018-0709
Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and previous versions could allow authenticated users to run arbitrary commands.
Qnap Q\\'center
1 EDB exploit
8.8
CVSSv3
CVE-2018-0710
Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and previous versions could allow authenticated users to run arbitrary commands.
Qnap Q\\'center
1 EDB exploit
8.8
CVSSv3
CVE-2018-0706
Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and previous versions could allow authenticated users to access sensitive information.
Qnap Q\\'center
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon