Vulmon
vulnerabilities and exploits
10
CVSSv2
CVE-2022-30521
The LAN-side Web-Configuration Interface has a stack-based buffer overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of str...
Dlink Dir-890l Firmware
10
CVSSv2
CVE-2021-34079
OS Command injection vulnerability in Mintzo Docker-Tester up to and including 1.2.1 allows malicious users to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
Docker-tester Project Docker-tester
10
CVSSv2
CVE-2021-34080
OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows malicious users to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the createCert() functions.
Ssl-utils Project Ssl-utils
10
CVSSv2
CVE-2021-34082
OS Command Injection vulnerability in allenhwkim proctree up to and including 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows malicious users to execute arbitrary commands via the fix function.
Proctree Project Proctree
10
CVSSv2
CVE-2021-34084
OS command injection vulnerability in Turistforeningen node-s3-uploader up to and including 2.0.3 for Node.js allows malicious users to execute arbitrary commands via the metadata() function.
S3-uploader Project S3-uploader
10
CVSSv2
CVE-2021-42872
TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code.
Totolink Ex1200t Firmware 4.1.2cu.5215
10
CVSSv2
CVE-2022-1660
The affected products are vulnerable to deserialization of untrusted data without prior authorization/authentication, which may allow a malicious user to remotely execute arbitrary code.
Keysight N6854a Firmware
Keysight N6841a Rf Firmware
10
CVSSv2
CVE-2022-29730
USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 contains hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device.
Usr Usr-g808 Firmware 1.0.36
Usr Usr-g807 Firmware 1.0.36
Usr Usr-g806 Firmware 1.0.36
Usr Usr-g800v2 Firmware 1.0.36
Usr Usr-lg220-l Firmware 1.2.7
10
CVSSv2
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL injection vulnerability allowing remote malicious users to dump all database credentials and gain admin access (privilege escalation).
Automotive Shop Management System Project Automotive Shop Management System 1.0
10
CVSSv2
CVE-2022-24422
Dell iDRAC9 versions 5.00.00.00 and later but before 5.10.10.00 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console.
Dell Idrac9