Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
super vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-31496
LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access.
Librehealth Librehealth Ehr 2.0.0
6.6
CVSSv3
CVE-2022-44244
An authentication bypass in Lin-CMS v0.2.1 allows malicious users to escalate privileges to Super Administrator.
Lin-cms Project Lin-cms 0.2.1
1 Github repository
8.8
CVSSv3
CVE-2023-28634
GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, a user who has the Technician profile could see and generate a Personal token for a Super-Admin. Using such token it is possible to negotiate a GLPI session ...
Glpi-project Glpi
9.8
CVSSv3
CVE-2023-41294
The DP module has a service hijacking vulnerability.Successful exploitation of this vulnerability may affect some Super Device services.
Huawei Harmonyos 2.1.0
7.2
CVSSv3
CVE-2016-10947
The Post Indexer plugin prior to 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.
Post Indexer Project Post Indexer
9.8
CVSSv3
CVE-2019-3568
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp fo...
Whatsapp Whatsapp
7 Github repositories
4 Articles
9.8
CVSSv3
CVE-2021-27228
An issue exists in Shinobi through ocean version 1. lib/auth.js has Incorrect Access Control. Valid API Keys are held in an internal JS Object. Therefore an attacker can use JS Proto Method names (such as constructor or hasOwnProperty) to convince the System that the supplied API...
Shinobi Shinobi Pro
8.8
CVSSv3
CVE-2018-9250
interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote authenticated users to execute arbitrary SQL commands via the newlistname parameter.
Open-emr Openemr
9.8
CVSSv3
CVE-2019-13131
Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote malicious users to execute arbitrary commands via NRPE.
Supermicro Superdoctor 5 -
6.5
CVSSv3
CVE-2022-41471
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
74cms 74cmsse 3.12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »