Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
answer answer vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-16169
Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote malicious users to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and moto...
Robotemi Robox Os
445
VMScore
CVE-2019-8699
A logic issue existed in the handling of answering phone calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4. The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection.
Apple Iphone Os
668
VMScore
CVE-2002-0258
Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs.
Merak Mail Server
Icewarp Web Mail
312
VMScore
CVE-2015-5336
Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student r...
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.2
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle
Moodle Moodle 2.8.8
Moodle Moodle 2.8.4
Moodle Moodle 2.8.2
Moodle Moodle 2.7.5
Moodle Moodle 2.7.3
Moodle Moodle 2.7.10
Moodle Moodle 2.9.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.1
312
VMScore
CVE-2013-4525
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an an...
Moodle Moodle 2.4.6
Moodle Moodle 2.4.1
Moodle Moodle 2.3.1
Moodle Moodle 2.3.3
Moodle Moodle 2.3.8
Moodle Moodle 2.2.8
Moodle Moodle 2.2.6
Moodle Moodle
Moodle Moodle 2.2.1
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.8
Moodle Moodle 2.0.6
Moodle Moodle 2.0.4
Moodle Moodle 1.9.9
Moodle Moodle 1.9.7
Moodle Moodle 1.9.17
Moodle Moodle 1.9.15
Moodle Moodle 1.8.8
Moodle Moodle 1.8.3
Moodle Moodle 1.8.14
Moodle Moodle 1.7.6
383
VMScore
CVE-2020-5942
In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the Traff...
F5 Big-ip Policy Enforcement Manager
NA
CVE-2024-27899
Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an malicious user to cause profound impact on confidentiality ...
NA
CVE-2023-35867
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated malicious user to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. throu...
Bosch Building Integration System Video Engine
Bosch Bosch Video Management System
Bosch Video Management System Viewer
Bosch Configuration Manager
Bosch Divar Ip 7000 R2 Firmware
Bosch Divar Ip All-in-one 4000 Firmware
Bosch Divar Ip All-in-one 5000 Firmware
Bosch Divar Ip All-in-one 6000 Firmware
Bosch Divar Ip All-in-one 7000 Firmware
Bosch Divar Ip All-in-one 7000 R3 Firmware
Bosch Intelligent Insights
Bosch Onvif Camera Event Driver Tool
Bosch Project Assistant
Bosch Video Security Client
505
VMScore
CVE-2006-5566
CRLF injection vulnerability in premium/index.php in Shop-Script allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the (1) links_exchange, (2) news, (3) search_with_change_category_ability, (4) logging...
Webasyst Llc Shop-script
1 EDB exploit
445
VMScore
CVE-2010-1238
MoinMoin 1.7.1 allows remote malicious users to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values.
Moinmo Moinmoin 1.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »