Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
echo vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2024-26978
In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation When trying to instantiate a max14830 device from userspace: echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_device we get the following e...
Linux Linux Kernel
9.8
CVSSv3
CVE-2021-45039
Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated malicious user to overflow an internal buffer and achiev...
Uniview Camera Firmware -
9.8
CVSSv3
CVE-2019-15027
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows malicious users to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/extern...
Mediatek Mt8163 Firmware -
Mediatek Mt6625 Firmware -
Mediatek Mt6577 Firmware -
NA
CVE-2021-47011
In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use obj_cgroup APIs to charge kmem pages", v5. Since Roman's series "The new cgroup slab memory controller" a...
9.8
CVSSv3
CVE-2023-40571
weblogic-framework is a tool for detecting weblogic vulnerabilities. Versions 0.2.3 and prior do not verify the returned data packets, and there is a deserialization vulnerability which may lead to remote code execution. When weblogic-framework gets the command echo, it directly ...
Weblogic-framework Project Weblogic-framework
8.8
CVSSv3
CVE-2023-30628
Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v12.2 and prior and kiwitcms/enterprise v12.2 and prior, the `changelog.yml` workflow is vulnerable to command injection attacks because of using an untrusted `github.head_ref` field. The `github.head_ref` value...
Kiwitcms Kiwi Tcms
5.4
CVSSv3
CVE-2023-0695
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level permissions...
Wpmet Metform Elementor Contact Form Builder
7.5
CVSSv3
CVE-2022-31019
Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: `curl -d "array[_0][0][array][_0][0][array]$(for f in $(seq 1100); do echo -n '[_0][0][...
Vapor Vapor
8.2
CVSSv3
CVE-2018-10601
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a...
Philips Intellivue Mp2 Firmware -
Philips Intellivue X2 Firmware -
Philips Intellivue Mp30 Firmware -
Philips Intellivue Mp50 Firmware -
Philips Intellivue Mp70 Firmware -
Philips Intellivue Np90 Firmware -
Philips Intellivue Mx700 Firmware -
Philips Intellivue Mx800 Firmware -
Philips Intellivue Mx400 Firmware -
Philips Intellivue Mx450 Firmware -
Philips Intellivue Mx500 Firmware -
Philips Intellivue Mx550 Firmware -
Philips Intellivue X3 Firmware -
Philips Intellivue Mx100 Firmware -
Philips Avalon Fetal\\/maternal Monitors Fm20 Firmware -
Philips Avalon Fetal\\/maternal Monitors Fm30 Firmware -
Philips Avalon Fetal\\/maternal Monitors Fm40 Firmware -
Philips Avalon Fetal\\/maternal Monitors Fm50 Firmware -
NA
CVE-2024-26951
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »