Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivot pivot vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2018-11786
In Apache Karaf before 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. This can b...
Apache Karaf
NA
CVE-2023-37261
OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. This issue affects every version of OpenComputers with the Internet Card feature enabled; that is, OpenComputers 1.2.0 until 1.8.3 in their most common, default configurations. If the OpenCo...
Opencomputers Opencomputers
790
VMScore
CVE-2022-20707
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an malicious user to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch ...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
790
VMScore
CVE-2022-20705
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an malicious user to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch ...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
Cisco Rv160 Firmware
Cisco Rv160w Firmware
Cisco Rv260 Firmware
Cisco Rv260p Firmware
Cisco Rv260w Firmware
1 Metasploit module
NA
CVE-2024-23644
Trillium is a composable toolkit for building internet applications with async rust. In `trillium-http` before 0.3.12 and `trillium-client` before 0.5.4, insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios whe...
Trillium Trillium-http
Trillium Trillium
445
VMScore
CVE-2020-10291
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a special license which can beobtained from a network license server. The network li...
Kuka Visual Components Network License Server 2.0.8
445
VMScore
CVE-2021-30201
The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed (external) entities are insecurely processed and fetched by the system and returned to the attacker. Detailed description Given the following request: ``` POST /vsaWS/KaseyaWS.asmx HT...
Kaseya Vsa
940
VMScore
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3