Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-5235
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
Rapid7 Metasploit
3.5
CVSSv3
CVE-2017-5244
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have been allowed, as the stop/stop_all routes change the state of the service. This could have allowed an malicious user to stop currently-running M...
Rapid7 Metasploit
2 Github repositories
7.1
CVSSv3
CVE-2017-5229
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the ...
Rapid7 Metasploit
7.1
CVSSv3
CVE-2017-5231
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directo...
Rapid7 Metasploit
4.8
CVSSv3
CVE-2023-0599
Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting vulnerability, due to a lack of JavaScript request string sanitization. Using this vulnerability, an authenticated attacker can execute arbitrary HTML and script code in the target browser a...
Rapid7 Metasploit
7.3
CVSSv3
CVE-2019-5624
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an malicious user to execute arbitrary code i...
Rapid7 Metasploit
1 Github repository
7.5
CVSSv3
CVE-2019-5645
By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. When evaluated, this malicious handler can either prevent new HTTP handler sessions from being established, or cause a resource...
Rapid7 Metasploit
6.5
CVSSv3
CVE-2017-15084
The web UI in Rapid7 Metasploit prior to 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
Rapid7 Metasploit
1 EDB exploit
NA
CVE-2011-1056
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.
Metasploit Metasploit Framework 3.5.1
NA
CVE-2007-5243
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 up to and including 8.1.0.253, and WI 5.1.1.680 up to and including 8.1.0.257, allow remote malicious users to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attac...
Borland Software Interbase Wi-o6.0.2.0
Borland Software Interbase Wi-v5.1.1.680
Borland Software Interbase Wi-v7.5.1.80
Borland Software Interbase Wi-v8.0.0.123
Borland Software Interbase Li 8.0.0.253
Borland Software Interbase Li 8.0.0.53
Borland Software Interbase Wi-v6.0.1.0
Borland Software Interbase Wi-v6.0.1.6
Borland Software Interbase Li 8.0.0.54
Borland Software Interbase Wi-o6.0.1.6
Borland Software Interbase Wi-v6.5.0.28
Borland Software Interbase Wi-v7.0.1.1
Borland Software Interbase Wi-v7.5.0.129
Borland Software Interbase Wi-v5.5.0.742
Borland Software Interbase Wi-v6.0.0.627
Borland Software Interbase Wi 5.1.1.680
Borland Software Interbase Wi 8.1.0.257
12 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »