Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-45894
The Remote Application Server in Parallels RAS prior to 19.2.23975 does not segment virtualized applications from the server, which allows a remote malicious user to achieve remote code execution via standard kiosk breakout techniques.
Parallels Remote Application Server
10
CVSSv3
CVE-2022-42150
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape.
Tinylab Linux Lab 1.1
Tinylab Cloud Lab 1.1
Tinylab Cloud Lab 0.8
10
CVSSv3
CVE-2023-45146
XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized obje...
Xxl-rpc Project Xxl-rpc
10
CVSSv3
CVE-2023-20198
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previou...
Cisco Ios Xe
3 Metasploit modules
35 Github repositories
1 Article
10
CVSSv3
CVE-2023-4260
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
Zephyrproject Zephyr
10
CVSSv3
CVE-2023-4262
Possible buffer overflow in Zephyr mgmt subsystem when asserts are disabled
Zephyrproject Zephyr
10
CVSSv3
CVE-2023-40455
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions.
Apple Macos
10
CVSSv3
CVE-2023-38586
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions.
Apple Macos
10
CVSSv3
CVE-2023-39967
WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMock’s instance. There are 3 identified pote...
Wiremock Studio
10
CVSSv3
CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-te...
Canonical Snapd
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »