Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Se...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
46 Github repositories
2 Articles
10
CVSSv2
CVE-2020-14224
A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the Notes application or inject code into the system which...
Hcltech Notes 9.0
Hcltech Notes 9.0.1
10
CVSSv2
CVE-2019-14482
AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote malicious users to defe...
Adremsoft Netcrunch
10
CVSSv2
CVE-2020-14268
A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the client or inject code into the system whi...
Hcltech Notes
Hcltech Notes 9.0.1
Hcltech Notes 10.0.1
10
CVSSv2
CVE-2020-28250
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.
Cellinx Nvt Web Server 5.0.0.014b
1 Github repository
10
CVSSv2
CVE-2020-3657
u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Ind...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Apq8098 Firmware -
Qualcomm Ipq4019 Firmware -
Qualcomm Ipq6018 Firmware -
Qualcomm Ipq8064 Firmware -
Qualcomm Ipq8074 Firmware -
Qualcomm Mdm9150 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207c Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9640 Firmware -
Qualcomm Mdm9650 Firmware -
Qualcomm Msm8905 Firmware -
Qualcomm Msm8909w Firmware -
Qualcomm Msm8953 Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qcs405 Firmware -
Qualcomm Qcs610 Firmware -
10
CVSSv2
CVE-2019-17006
In Network Security Services (NSS) prior to 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Siemens Ruggedcom Rox Mx5000 Firmware
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
Mozilla Network Security Services
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Hci Compute Node -
Netapp Hci Storage Node -
10
CVSSv2
CVE-2020-11552
An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. This vulnerability could allow an unauthenticated malicious user to escalate privileges o...
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Adselfservice Plus 6.0
10
CVSSv2
CVE-2020-10515
STARFACE UCC Client prior to 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006.
Starface Unified Communication \\& Collaboration Client
10
CVSSv2
CVE-2020-9054
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated malicious user to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve a...
Zyxel Nas326 Firmware
Zyxel Nas520 Firmware
Zyxel Nas540 Firmware
Zyxel Nas542 Firmware
Zyxel Atp100 Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp800 Firmware
Zyxel Usg20-vpn Firmware
Zyxel Usg20w-vpn Firmware
Zyxel Usg40 Firmware
Zyxel Usg40w Firmware
Zyxel Usg60 Firmware
Zyxel Usg60w Firmware
Zyxel Usg110 Firmware
Zyxel Usg210 Firmware
Zyxel Usg310 Firmware
Zyxel Usg1100 Firmware
Zyxel Usg1900 Firmware
Zyxel Usg2200 Firmware
Zyxel Vpn50 Firmware
Zyxel Vpn100 Firmware
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »