Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-7873
Download of code without integrity check vulnerability in ActiveX control of Younglimwon Co., Ltd allows the malicious user to cause a arbitrary file download and execution.
Ksystem K-system Wellcomm 1.1
Ksystem K-system Wellcomm 4.0
10
CVSSv2
CVE-2014-7279
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote malicious users to obtain "equipment management authority" via TCP traffic to port 23.
Kankunit Konke Smart Plug Firmware K
1 EDB exploit
4.3
CVSSv2
CVE-2008-3581
Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links allows remote malicious users to inject arbitrary web script or HTML via the login_message parameter in a login action.
Qsoft K-links
1 EDB exploit
5
CVSSv2
CVE-2019-16162
Onigmo up to and including 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c.
K-takata Onigmo
7.5
CVSSv2
CVE-2008-3580
Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/.
Qsoft K-links
1 EDB exploit
10
CVSSv2
CVE-2018-17932
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow malicious users to replay commands, control the device, view commands, or cause the device to stop running.
Juuko K-800 Firmware -
5
CVSSv2
CVE-2019-16161
Onigmo up to and including 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c.
K-takata Onigmo
4.6
CVSSv2
CVE-1999-0735
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
Kde K-mail
1 EDB exploit
10
CVSSv2
CVE-2018-19025
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.).
Juuko K-808 Firmware -
2.6
CVSSv2
CVE-2006-7139
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote malicious users to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete op...
Kde K-mail 1.9.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »