Vulmon
image manager vulnerabilities and exploits
4.3
CVSSv2
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 before 2.1.6 and 2.0 before 2.0.15 and 1.12 before 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager ...
Pivotal Software Operations Manager
9
CVSSv2
CVE-2017-9279
NetIQ Identity Manager prior to 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.
Netiq Identity Manager
9.3
CVSSv2
CVE-2007-4344
Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote malicious users to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in o...
Acdsee Photo Manager 9.0
Acdsee Pro Photo Manager 8.1
Acdsee Photo Editor 4.0
9.3
CVSSv2
CVE-2007-1943
Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.
Acd Systems Acdsee Photo Manager 9.0
1 EDB exploit
3.5
CVSSv2
CVE-2020-14988
An issue exists in Bloomreach Experience Manager (brXM) 4.1.0 up to and including 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML elements, the translations menu via the foldername parameter, the author page vi...
Bloomreach Experience Manager
6.9
CVSSv2
CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions before 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.
Cyberark Endpoint Privilege Manager
10
CVSSv2
CVE-2021-38613
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows malicious users to upload any code to the target system and achieve remote code execution.
Nascent Remkon Device Manager 4.0.0.0
10
CVSSv2
CVE-2021-38611
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows malicious users to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
Nascent Remkon Device Manager 4.0.0.0
4
CVSSv2
CVE-2021-34638
Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing c...
Wpdownloadmanager Wordpress Download Manager
4
CVSSv2
CVE-2022-0634
The ThirstyAffiliates WordPress plugin prior to 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf chec...
Caseproof Thirstyaffiliates Affiliate Link Manager