Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spencer mcintyre vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1571
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote malicious users to execute arbitrary commands via unknown vectors.
Liferay Liferay Portal
1 EDB exploit
1 Github repository
NA
CVE-2011-2763
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote malicious users to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
Lifesize Lifesize Room Appliance Software Ls Rm1 3.5.3
Lifesize Lifesize Room Appliance Software 4.7.18
1 EDB exploit
7.8
CVSSv3
CVE-2022-31660
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.0
Vmware One Access 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 21.08.0.1
Vmware Access Connector 22.05
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
1 Article
NA
CVE-2007-6515
support/dispatch.cgi in SiteScape Forum allows remote malicious users to execute arbitrary TCL code via code separator characters in the query string.
Sitescape Sitescape Forum St
Sitescape Sitescape Forum Zx
2 EDB exploits
9.8
CVSSv3
CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized malicious user to change the configuration and obtain code execution.
Advantech Iview
9.8
CVSSv3
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
Razer Synapse 2.20.15.1104
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2022-23642
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an malicious user to set...
Sourcegraph Sourcegraph
1 Github repository
9.8
CVSSv3
CVE-2020-0646
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
12 Github repositories
2 Articles
9.8
CVSSv3
CVE-2021-26295
Apache OFBiz has unsafe deserialization before 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.
Apache Ofbiz
8 Github repositories
8.8
CVSSv3
CVE-2021-31181
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »