Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-15235
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote malicious users to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
Horde Groupware 5.2.21
1 EDB exploit
5
CVSSv2
CVE-2017-15236
Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote malicious users to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.
Tiandy Tiandy Ip Camera Firmware 5.56.17.120
1 EDB exploit
NA
CVE-2017-12854
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
1 EDB exploit
4.3
CVSSv2
CVE-2003-1522
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote malicious users to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page.
Pscs Vpop3 Web Mail Server 2.0e
Pscs Vpop3 Web Mail Server 2.0f
1 EDB exploit
5
CVSSv2
CVE-2004-0295
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote malicious users to cause a denial of service (CPU consumption) via an open idle connection.
Transsoft Broker Ftp Server 6.1 .0.0
1 EDB exploit
NA
CVE-2017-2796
Nitro Pro PDF - Multiple Vulnerabilities
1 EDB exploit
7.5
CVSSv2
CVE-2017-3897
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions before 16.0.3 and McAfee Security Scan Plus (MSS+) versions before 3.11.599.3 allows network malicious users to perform a malicious file execution via a HTTP backend-...
Mcafee Livesafe
Mcafee Security Scan Plus
1 EDB exploit
4.3
CVSSv2
CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions before 16.0.3 allows network malicious users to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
Mcafee Livesafe
1 EDB exploit
5
CVSSv2
CVE-2018-6460
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.j...
Anchorfree Hotspot Shield -
1 EDB exploit
10
CVSSv2
CVE-2017-16934
The web server on DBL DBLTek devices allows remote malicious users to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp re...
Dbltek Web Server -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »