Vulmon
r vulnerabilities and exploits
5.4
CVSSv3
CVE-2021-3159
A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows malicious users to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file.
Landray Landray Ekp 12.0.9.r.20160325
5.3
CVSSv3
CVE-2020-7222
An issue exists in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited ...
Amcrest Web Server 2.520.ac00.18.r
8.1
CVSSv3
CVE-2021-46416
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.
Sma Sunny Tripower Firmware 3.10.16.r
NA
CVE-2002-1577
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote malicious users to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.
Sap Sap R 3 2.0b To 4.6d
4.6
CVSSv3
CVE-2021-45783
Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that allows a malicious user to obtain sensitive information.
Bookeen Notea Firmware Bk R 1.0.5 20210608
NA
CVE-2006-6742
Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote malicious users to cause a denial of service (device crash) via a long string...
Hp Ftp Print Server 2.4
Hp Ftp Print Server 2.4.5
Hp Laserjet 5000 R.25.15
Hp Laserjet 5100 V.29.12
Hp Laserjet 5000 R.25.47
7.1
CVSSv3
CVE-2020-27524
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services.
Audi Mmi Multiplayer N+r Cn Au P0395
5.4
CVSSv3
CVE-2020-5769
Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.02 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by injecting malicious client-side code into the 'URL/ Host / Connection' form in the 'DATA...
Teltonika-networks Gateway Trb245 Firmware Trb2 R 00.02.02
7.5
CVSSv3
CVE-2022-4636
Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow a malicious user to steal user credentials and other sensitive information through local file inclusion.
Blackbox Acr1000a-r-r2 Firmware 3.4.31307
Blackbox Acr1000a-t-r2 Firmware 3.4.31307
Blackbox Acr1002a-r Firmware 3.4.31307
Blackbox Acr1002a-t Firmware 3.4.31307
Blackbox Acr1020a-t Firmware 3.4.31307
NA
CVE-2003-1035
The default installation of SAP R/3 46C/D allows remote malicious users to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
Sap Sapgui 4.6c
Sap Sap R 3
Sap Sapgui 4.6d