Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
id vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2596
Quake II server before R1Q2, as used in multiple products, allows remote malicious users to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address.
Id Software Quake Ii Server 3.21
Id Software Quake Ii Server 3.20
5
CVSSv2
CVE-2004-2597
Quake II server before R1Q2, as used in multiple products, allows remote malicious users to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, whi...
Id Software Quake Ii Server 3.20
Id Software Quake Ii Server 3.21
7.5
CVSSv2
CVE-2006-3400
Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote malicious users to cause a denial of service and possibly execute code by sending a long command from the server.
Id Software Quake 3 Engine Icculus 812
Raven Software Soldier Of Fortune 2 1.03
Id Software Quake 3 Engine 1.32b
Id Software Quake 3 Engine 1.32c
1 EDB exploit
5
CVSSv2
CVE-2004-2595
Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote malicious users to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes th...
Id Software Quake Ii Server Linux 3.20
Id Software Quake Ii Server Linux 3.21
7.5
CVSSv2
CVE-2021-45411
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.
Printable Staff Id Card Creator System Project Printable Staff Id Card Creator System 1.0
5
CVSSv2
CVE-2004-2594
Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote malicious users to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg".
Id Software Quake Ii Server Windows 3.20
Id Software Quake Ii Server Windows 3.21
NA
CVE-2023-6073
Attacker can perform a Denial of Service attack to crash the ICAS 3 IVI ECU in a Volkswagen ID.3 (and other vehicles of the VW Group with the same hardware) and spoof volume setting commands to irreversibly turn on audio volume to maximum via REST API calls.
Volkswagen Id.3 Firmware
7.5
CVSSv2
CVE-2019-6139
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent th...
Forcepoint User Id
5.4
CVSSv2
CVE-2014-7433
The Student ID (aka com.computas.studentbevis) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Hioa Student Id 1.2
9
CVSSv2
CVE-2019-3906
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
Identicard Premisys Id 3.1.190
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »