Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
miguel mendez z vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-9833
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) b...
Boa Boa 0.94.14.21
1 EDB exploit
1 Github repository
1 Article
6.1
CVSSv3
CVE-2017-16841
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
Lansweeper Lansweeper
1 EDB exploit
9.8
CVSSv3
CVE-2018-14064
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80.
Velotismart Project Velotismart Wifi Firmware B-380
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2020-10181
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.
Sumavision Enhanced Multimedia Router Firmware 3.0.4.27
1 Github repository
7.8
CVSSv3
CVE-2019-5526
VMware Workstation (15.x prior to 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windo...
Vmware Workstation
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started