Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brandon perry vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3220
F5 BIG-IQ Cloud and Security 4.0.0 up to and including 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/authz/users/.
F5 Big-iq 4.1.0.2013.0
1 EDB exploit
NA
CVE-2014-0644
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote malicious users to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by...
Emc Cloud Tiering Appliance Software 10.0
Emc Cloud Tiering Appliance -
1 EDB exploit
NA
CVE-2014-9000
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was original...
Mulesoft Mule Enterprise Management Console -
1 EDB exploit
9.8
CVSSv3
CVE-2005-2103
Buffer overflow in the AIM and ICQ module in Gaim prior to 1.5.0 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Gaim Project Gaim
1 EDB exploit
NA
CVE-2014-2612
Unspecified vulnerability in HP Release Control 9.x prior to 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.
Hp Release Control 9.20
Hp Release Control 9.21
Hp Release Control 9.1
Hp Release Control 9.11
Hp Release Control 9.12
Hp Release Control 9.13
1 EDB exploit
NA
CVE-2014-2587
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).
Mcafee Asset Manager 6.6
1 EDB exploit
NA
CVE-2014-2588
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
Mcafee Asset Manager 6.6
1 EDB exploit
NA
CVE-2014-2937
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3220. Reason: This candidate is a reservation duplicate of CVE-2014-3220. Notes: All CVE users should reference CVE-2014-3220 instead of this candidate. All references and descriptions in this candidate have ...
1 EDB exploit
NA
CVE-2014-3008
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.
Unitrends Enterprise Backup 7.3.0
1 EDB exploit
9.1
CVSSv3
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »