Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0500
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and previous versions, 6 Update 30 and previous versions, and JavaFX 2.0.2 and previous versions allows remote untrusted Java Web Start applications and untrusted Java applets t...
Sun Jre 1.6.0
Oracle Jre 1.6.0
Oracle Jre
Oracle Jre 1.7.0
Oracle Javafx 1.2.3
Oracle Javafx
Oracle Javafx 2.0
Oracle Javafx 1.3.1
Oracle Javafx 1.3.0
Oracle Javafx 1.2
Oracle Javafx 1.2.2
1 EDB exploit
NA
CVE-2011-0257
Integer signedness error in Apple QuickTime prior to 7.7 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
Apple Quicktime
Apple Quicktime 7.6.1
Apple Quicktime 7.66.71.0
Apple Quicktime 7.5.5
Apple Quicktime 7.3.1.70
Apple Quicktime 7.2.0
Apple Quicktime 7.1.5
Apple Quicktime 7.1.6
Apple Quicktime 7.6.6
Apple Quicktime 7.67.75.0
Apple Quicktime 7.3.0
Apple Quicktime 7.3.1
Apple Quicktime 7.1.3
Apple Quicktime 7.1.4
Apple Quicktime 7.6.8
Apple Quicktime 7.6.5
Apple Quicktime 7.4.1
Apple Quicktime 7.4.5
Apple Quicktime 7.1.1
Apple Quicktime 7.1.2
Apple Quicktime 7.0.3
Apple Quicktime 7.0.4
1 EDB exploit
NA
CVE-2008-0320
Heap-based buffer overflow in the OLE importer in OpenOffice.org prior to 2.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
Openoffice Openoffice.org 2.2
Openoffice Openoffice.org 2.2.1
Openoffice Openoffice.org 2.3
Openoffice Openoffice.org
Openoffice Openoffice.org 2.0.3
Openoffice Openoffice.org 2.1
1 EDB exploit
9.8
CVSSv3
CVE-2020-8010
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 Github repository
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
174 Github repositories
7 Articles
NA
CVE-2016-5641
This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json...
1 Article
8.8
CVSSv3
CVE-2019-12840
In Webmin up to and including 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
Webmin Webmin
12 Github repositories
8.8
CVSSv3
CVE-2020-35606
Arbitrary command execution can occur in Webmin up to and including 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-1...
Webmin Webmin
4 Github repositories
9.8
CVSSv3
CVE-2018-9285
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices prior to 3.0.0.4.384_10007; RT-N18U devices prior to 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices prior to 3.0.0.4.382.50010; and RT-AC5300 dev...
Asus Rt-ac66u Firmware
Asus Rt-ac68u Firmware
Asus Rt-ac86u Firmware
Asus Rt-ac88u Firmware
Asus Rt-ac1900 Firmware
Asus Rt-ac2900 Firmware
Asus Rt-ac3100 Firmware
Asus Rt-n18u Firmware
Asus Rt-ac87u Firmware
Asus Rt-ac3200 Firmware
Asus Rt-ac5300 Firmware
7.8
CVSSv3
CVE-2018-4237
An issue exists in certain Apple products. iOS prior to 11.4 is affected. macOS prior to 10.13.5 is affected. tvOS prior to 11.4 is affected. watchOS prior to 4.3.1 is affected. The issue involves the "libxpc" component. It allows malicious users to gain privileges via ...
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Apple Tvos
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »