Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
slidingwindow vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-6338
Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify r...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
6.5
CVSSv3
CVE-2017-6339
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by default, IWSVA acts as a private Certificate Authority (CA) and dynamically generates digital certificates that are sent to cli...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
5.4
CVSSv3
CVE-2018-5405
The Quest Kace K1000 Appliance, versions before 9.0.270, allows an authenticated least privileged user with 'User Console Only' rights to potentially inject arbitrary JavaScript code on the tickets page. Script execution could allow a malicious user of the system to ste...
Quest Kace Systems Management Appliance Firmware
1 EDB exploit
5.4
CVSSv3
CVE-2017-6340
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements i...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
5.4
CVSSv3
CVE-2016-9316
Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allow authenticated, remote users with least...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
NA
CVE-2015-1497
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote malicious users to execute arbitrary commands via a crafted request to TCP port 3465.
Persistent Systems Radia Client Automation 7.9
Persistent Systems Radia Client Automation 8.1
Persistent Systems Radia Client Automation 9.0
Persistent Systems Radia Client Automation 9.1
3 EDB exploits
NA
CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote malicious users to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of ...
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
1 EDB exploit
6 Github repositories
8 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2