Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-32510
An issue exists on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge used an unencrypted channel to provide an administrative interface. A token can be easily eavesdropped by a malicious actor to impersonate a legitimate user and gain access to the full set of...
NA
CVE-2022-32504
An issue exists on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner d...
NA
CVE-2022-32502
An issue exists on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 prior to 1.22.0 and v2 prior to 2.13.2.
NA
CVE-2022-32503
An issue exists on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect to the device and bypass both hardware and software security protections. This affects Nuki Keypad prior to 1.9.2 and Nuki Fob prior to 1.8.1.
NA
CVE-2022-32508
An issue exists on certain Nuki Home Solutions devices. By sending a malformed HTTP verb, it is possible to force a reboot of the device. This affects Nuki Bridge v1 prior to 1.22.0 and v2 prior to 2.13.2.
NA
CVE-2024-29996
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-29996)
NA
CVE-2024-30025
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-30025)
NA
CVE-2024-30032
Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2024-30032)
NA
CVE-2024-30034
Microsoft Windows Cloud Files Mini Filter Driver Information Disclosure (CVE-2024-30034)
NA
CVE-2024-30035
Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2024-30035)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »