Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spencer vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
Razer Synapse 2.20.15.1104
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized malicious user to change the configuration and obtain code execution.
Advantech Iview
9.8
CVSSv3
CVE-2020-0646
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
12 Github repositories
2 Articles
9.8
CVSSv3
CVE-2021-26295
Apache OFBiz has unsafe deserialization before 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.
Apache Ofbiz
9 Github repositories
8.8
CVSSv3
CVE-2022-23642
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an malicious user to set...
Sourcegraph Sourcegraph
1 Github repository
8.8
CVSSv3
CVE-2021-31181
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
8.8
CVSSv3
CVE-2023-38146
Windows Themes Remote Code Execution Vulnerability
Microsoft Windows 11 22h2
Microsoft Windows 11 21h2
5 Github repositories
NA
CVE-2014-1761
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allo...
Microsoft Word 2010
Microsoft Word 2003
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2013
Microsoft Word Viewer
Microsoft Word 2013
Microsoft Office Web Apps Server 2013
Microsoft Office 2011
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2010
Microsoft Word 2007
1 EDB exploit
1 Github repository
6 Articles
9.8
CVSSv3
CVE-2023-0297
Code Injection in GitHub repository pyload/pyload before 0.5.0b3.dev31.
Pyload Pyload
7 Github repositories
6.5
CVSSv3
CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache...
Apache Superset
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »