Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
code execution vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-2702
Integer signedness error in Glibc prior to 2.13 and eglibc prior to 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent malicious users to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) me...
Gnu Glibc 2.12.1
Gnu Glibc
Gnu Glibc 2.12
Gnu Eglibc
1 EDB exploit
6.8
CVSSv2
CVE-2018-17980
NoMachine prior to 5.3.27 and 6.x prior to 6.3.6 allows malicious users to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and th...
Nomachine Nomachine
1 EDB exploit
NA
CVE-2020-28320
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none
6.5
CVSSv2
CVE-2017-6087
EyesOfNetwork ("EON") 5.0 and previous versions allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.p...
Eonweb Project Eonweb
1 EDB exploit
6.5
CVSSv2
CVE-2022-24734
MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on on _Change S...
Mybb Mybb
1 Metasploit module
2 Github repositories
7.5
CVSSv2
CVE-2018-15708
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
1 Github repository
NA
CVE-2022-37661
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
Adtran Sr510n Firmware 2.6.13
Adtran Sr506n Firmware 2.5.15
1 EDB exploit
4.6
CVSSv2
CVE-2019-19585
An issue exists in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an malicious user to bypass loc...
Rconfig Rconfig 3.9.3
1 Metasploit module
1 Github repository
6.5
CVSSv2
CVE-2020-11978
An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability exists in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (d...
Apache Airflow
1 Metasploit module
4 Github repositories
7.5
CVSSv2
CVE-2014-4511
Gitlist prior to 0.5.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/.
Gitlist Gitlist 0.2
Gitlist Gitlist 0.1
Gitlist Gitlist
Gitlist Gitlist 0.3
2 EDB exploits
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »