Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
www server vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-14530
An issue exists in custom/ajax_download.php in OpenEMR prior to 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/open...
Open-emr Openemr
3 Github repositories
NA
CVE-1999-0587
A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.
9.8
CVSSv3
CVE-2022-2104
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).
Secheron Sepcos Control And Protection Relay Firmware
8.8
CVSSv3
CVE-2022-28108
Selenium Server (Grid) prior to 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.
Selenium Selenium Grid 4.0.0
Selenium Selenium Grid
7.5
CVSSv3
CVE-2021-21240
httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) ...
Httplib2 Project Httplib2
9 Github repositories
NA
CVE-2010-2252
GNU Wget 1.12 and previous versions uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by ...
Gnu Wget 1.11.3
Gnu Wget 1.11.2
Gnu Wget 1.8.2
Gnu Wget 1.7
Gnu Wget 1.11.4
Gnu Wget 1.9
Gnu Wget 1.10
Gnu Wget 1.6
Gnu Wget 1.8
Gnu Wget 1.11.1
Gnu Wget 1.8.1
Gnu Wget 1.10.1
Gnu Wget 1.9.1
Gnu Wget 1.11
Gnu Wget
Gnu Wget 1.7.1
Gnu Wget 1.5.3
Gnu Wget 1.10.2
8.8
CVSSv3
CVE-2019-16061
A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data (e.g., .htpasswd) and create/modify/delete content (e.g., under /va...
Netsas Enigma Network Management Solution
9.8
CVSSv3
CVE-2023-23607
erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a...
Dasherr Project Dasherr
4.7
CVSSv3
CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an malicious user to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Amd Ryzen 9 5950x Firmware
Amd Ryzen 9 5900x Firmware
Amd Ryzen 9 5900 Firmware
Amd Ryzen 9 Pro 5945 Firmware
Amd Ryzen 7 5800x3d Firmware
Amd Ryzen 7 5800x Firmware
Amd Ryzen 7 5800 Firmware
Amd Ryzen 7 5700x Firmware
Amd Ryzen 7 Pro 5845 Firmware
Amd Ryzen 5 5600x3d Firmware
Amd Ryzen 5 5600x Firmware
Amd Ryzen 5 5600 Firmware
Amd Ryzen 5 Pro 5645 Firmware
Amd Ryzen 7 5700 Firmware
Amd Ryzen 5 5500 Firmware
Amd Ryzen 3 5100 Firmware
Amd Ryzen 7 5700g Firmware
1 Article
9.8
CVSSv3
CVE-2021-44734
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
Lexmark B2236 Firmware
Lexmark Mb2236 Firmware
Lexmark Ms431 Firmware
Lexmark Ms331 Firmware
Lexmark M1342 Firmware
Lexmark B3442 Firmware
Lexmark B3340 Firmware
Lexmark Xm1342 Firmware
Lexmark Mx331 Firmware
Lexmark Mx431 Firmware
Lexmark Mb3442 Firmware
Lexmark Ms321 Firmware
Lexmark Ms421 Firmware
Lexmark Ms521 Firmware
Lexmark Ms621 Firmware
Lexmark M1242 Firmware
Lexmark M1246 Firmware
Lexmark B2338 Firmware
Lexmark B2442 Firmware
Lexmark B2546 Firmware
Lexmark B2650 Firmware
Lexmark Ms622 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »