Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote support vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-3515
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
Gnupg Libksba
Gpg4win Gpg4win
Gnupg Vs-desktop
Gnupg Gnupg
9.8
CVSSv3
CVE-2022-48195
An issue exists in Mellium mellium.im/sasl prior to 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, b...
Mellium Sasl 0.3.0
9.8
CVSSv3
CVE-2022-47377
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote malicious user to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to a...
Sick Sim2000 Firmware
9.8
CVSSv3
CVE-2022-32221
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This f...
Haxx Curl
Netapp Clustered Data Ontap -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
9.8
CVSSv3
CVE-2022-1471
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content ...
Snakeyaml Project Snakeyaml
11 Github repositories
1 Article
9.8
CVSSv3
CVE-2022-31691
Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library al...
Vmware Cloudfoundry Manifest Yml Support
Vmware Bosh Editor
Vmware Concourse Ci Pipeline Editor
Vmware Spring Tools
Vmware Spring Boot Tools
1 Github repository
9.8
CVSSv3
CVE-2022-27586
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote malicious user to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an i...
Sick Sim1004-0p0g311 Firmware
9.8
CVSSv3
CVE-2022-27585
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote malicious user to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. Thi...
Sick Sim1000 Fx Firmware
9.8
CVSSv3
CVE-2022-40684
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 up to and including 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
29 Github repositories
2 Articles
9.8
CVSSv3
CVE-2022-36063
Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow an...
Microsoft Azure Rtos Usbx
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »