Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
realistic security vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-37360
pacparser_find_proxy in Pacparser prior to 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).
Pacparser Project Pacparser
7.5
CVSSv3
CVE-2021-36386
report_vbuild in report.c in Fetchmail prior to 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use ...
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2023-49298
OpenZFS up to and including 2.1.13 and 2.2.x up to and including 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this is...
Openzfs Openzfs
Openzfs Openzfs 2.2.0
7.1
CVSSv3
CVE-2018-6622
An issue exists that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 s...
Trustedcomputinggroup Trusted Platform Module 2.0
3 Github repositories
NA
CVE-2015-7686
Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and previous versions for Perl allows remote malicious users to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthe...
Email-address Project Email-address
8.8
CVSSv3
CVE-2017-16524
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated malicious users to upload and execute arbitrary PHP code via a filename with a .php extension, which is then ac...
Hanwhasecurity Web Viewer 1.0.0.193
1 EDB exploit
1 Github repository
8.6
CVSSv3
CVE-2015-8279
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote malicious users to read arbitrary files via a request to an unspecified PHP script.
Samsung Web Viewer
2 Metasploit modules
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started