Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
superuser vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2020-16134
An issue exists on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus before 10.04.38, Internet Box 3 before 11.01.20, and Internet Box light before 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device'...
Swisscom Internet-box 2 Firmware
Swisscom Internet-box Standard Firmware
Swisscom Internet-box Plus Firmware
Swisscom Internet-box 3 Firmware
Swisscom Internet-box Light Firmware
NA
CVE-2020-21469
An issue exists in PostgreSQL 12.2 allows malicious users to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_r...
Postgresql Postgresql 12.2
890
VMScore
CVE-2020-9409
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated malicious user to ob...
Tibco Jasperreports Server
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
655
VMScore
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2023-41113
An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. It allows an authenticated user to to obtain information about whether certain files exist on disk, w...
Enterprisedb Postgres Advanced Server
NA
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materi...
Postgresql Postgresql
578
VMScore
CVE-2020-25695
A flaw was found in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity o...
Postgresql Postgresql
Debian Debian Linux 9.0
1 Github repository
725
VMScore
CVE-2014-0998
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index...
Freebsd Freebsd 10.1
1 EDB exploit
756
VMScore
CVE-2014-2515
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a s...
Emc Documentum D2 3.1
Emc Documentum D2 4.1
Emc Documentum D2 4.2
Emc Documentum D2 4.0
1000
VMScore
CVE-2003-0240
The web-based administration capability for various Axis Network Camera products allows remote malicious users to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Axis 2110 Network Camera
Axis 2120 Network Camera
Axis 2100 Network Camera
Axis 250s Video Server
Axis 2130 Ptz Network Camera
Axis 2400 Video Server
Axis 2401 Video Server
Axis 2420 Network Camera
Axis 2460 Network Dvr
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »