Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-38490
Kirby is a content management system. A vulnerability in versions before 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The...
Getkirby Kirby
10
CVSSv3
CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml before 1.2023.9.
Plantuml Plantuml
Fedoraproject Fedora 39
10
CVSSv3
CVE-2023-1748
The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with unauthenticated access to the Nexx Home mobile application or the affected firmware could view the credentials and access the MQ Telemetry Server (MQTT) server and the ability to remotely ...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
10
CVSSv3
CVE-2022-43931
Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server prior to 1.4.3-0534 and 1.4.4-0635 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Synology Vpn Plus Server
10
CVSSv3
CVE-2022-38650
A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hype...
Vmware Hyperic Server 5.8.6
10
CVSSv3
CVE-2022-3703
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
Etictelecom Remote Access Server Firmware
10
CVSSv3
CVE-2022-40981
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the ha...
Etictelecom Remote Access Server Firmware
10
CVSSv3
CVE-2022-32158
Splunk Enterprise deployment servers in versions prior to 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute ...
Splunk Splunk
10
CVSSv3
CVE-2022-25226
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard o...
Cybelsoft Thinvnc 1.0
10
CVSSv3
CVE-2022-24760
Parse Server is an open source http web server backend. In versions before 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Pr...
Parseplatform Parse-server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »