Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2022-42150
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape.
Tinylab Linux Lab 1.1
Tinylab Cloud Lab 1.1
Tinylab Cloud Lab 0.8
10
CVSSv3
CVE-2023-45146
XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized obje...
Xxl-rpc Project Xxl-rpc
10
CVSSv3
CVE-2023-20198
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previou...
Cisco Ios Xe
3 Metasploit modules
35 Github repositories
1 Article
10
CVSSv3
CVE-2023-40455
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions.
Apple Macos
10
CVSSv3
CVE-2023-4260
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
Zephyrproject Zephyr
10
CVSSv3
CVE-2023-4262
Possible buffer overflow in Zephyr mgmt subsystem when asserts are disabled
Zephyrproject Zephyr
10
CVSSv3
CVE-2023-38586
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions.
Apple Macos
10
CVSSv3
CVE-2023-39967
WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMock’s instance. There are 3 identified pote...
Wiremock Studio
10
CVSSv3
CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-te...
Canonical Snapd
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
10
CVSSv3
CVE-2022-36648
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and previous versions, allows remote malicious users to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This ...
Qemu Qemu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »