Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
skill vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3753
A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remo...
Creativeitem Mastery Lms 1.2
9
CVSSv2
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically prox...
Amazon Echo Dot Firmware -
1 Article
3.5
CVSSv2
CVE-2021-42022
A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a locatio...
Siemens Simatic Easie Pcs 7 Skill
Siemens Simatic Easie Pcs 7 Skill 21.00
5
CVSSv2
CVE-2013-1924
Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions before 7.x-1.2
Skill Commerce Skrill
4.3
CVSSv2
CVE-2018-11567
before 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if ...
Amazon Echo Show Firmware
Amazon Echo Plus Firmware
Amazon Echo Dot Firmware
Amazon Echo Spot Firmware
Amazon Echo Firmware
5
CVSSv2
CVE-2017-3221
Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote malicious users to access user credentials, including user names and passwords.
Inmarsat Amosconnect 8 8.2.1
Inmarsat Amosconnect 8 8.2.2
Inmarsat Amosconnect 8 8.0.2
Inmarsat Amosconnect 8 8.2.0
Inmarsat Amosconnect 8 8.0
Inmarsat Amosconnect 8 8.3.0
Inmarsat Amosconnect 8 8.3.1
Inmarsat Amosconnect 8 8.0.1
Inmarsat Amosconnect 8 8.4.0
Inmarsat Amosconnect 8 8.4.0.1
10
CVSSv2
CVE-2017-3222
Hard-coded credentials in AmosConnect 8 allow remote malicious users to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
Inmarsat Amosconnect 8.0
Inmarsat Amosconnect 8.0.1
Inmarsat Amosconnect 8.0.2
Inmarsat Amosconnect 8.2.0
Inmarsat Amosconnect 8.2.1
Inmarsat Amosconnect 8.2.2
Inmarsat Amosconnect 8.3.0
Inmarsat Amosconnect 8.3.1
Inmarsat Amosconnect 8.4.0
Inmarsat Amosconnect 8.4.0.1
7.5
CVSSv2
CVE-2005-2440
SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote malicious users to execute arbitrary SQL commands via the svmPassword parameter.
Thomson Netg Web Skill Vantage Manager 2.5
7.5
CVSSv2
CVE-2002-0606
Buffer overflow in 3Cdaemon 2.0 FTP server allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login.
3com 3cdaemon 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started