Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
verizon vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-16769
The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's impleme...
Verizon Serialize-javascript
8.1
CVSSv3
CVE-2020-7660
serialize-javascript before 3.1.0 allows remote malicious users to inject arbitrary code via the function "deleteFunctions" within "index.js".
Verizon Serialize-javascript
9.8
CVSSv3
CVE-2022-28369
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enable_ssh sub-operation of the crtcrpc JSON listener (found at /lib/functions/wnc_jsonsh/crtcmode.sh) A remote attacker on the local network can provid...
Verizon Lvskihp Indoorunit Firmware 3.4.66.162
NA
CVE-2014-5755
The verizon (aka com.wverizonwirelessbill) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Gunhillwireless Verizon 0.1
7.2
CVSSv3
CVE-2019-3914
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated malicious user to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostna...
Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05
7.5
CVSSv3
CVE-2019-3915
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.
Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05
7.5
CVSSv3
CVE-2019-3916
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated malicious user to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
Verizon Fios Quantum Gateway G1100 Firmware 02.01.00.05
9.8
CVSSv3
CVE-2022-28373
Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 does not properly sanitize user-controlled parameters within the crtcreadpartition function of the crtcrpc JSON listener in /usr/lib/lua/luci/crtc.lua. A remote attacker on the local network can inject shell metacharacters to ac...
Verizon Lvskihp Indoorunit Firmware 3.4.66.162
9.8
CVSSv3
CVE-2022-28375
Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/cont...
Verizon Lvskihp Outdoorunit Firmware 3.33.101.0
NA
CVE-2013-4874
The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate malicious users to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable.
Verizon Wireless Network Extender Scs-26uc4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »