Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file reporter vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-23355
This affects all versions of package ps-kill. If (attacker-controlled) user input is given to the kill function, it is possible for an malicious user to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization in the index.js fi...
Ps-kill Project Ps-kill
2.6
CVSSv2
CVE-2005-1347
** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as of 20050421. Adobe Acrobat reader (AcroRd32.exe) 6.0 and previous versions allows remote malicious users to cause a denial of service ("Invalid-ID-Handle-Error" error) and ...
Adobe Acrobat Reader 5.0.10
Adobe Acrobat Reader 3.0
Adobe Acrobat Reader 6.0
6.8
CVSSv2
CVE-2016-5637
The restore_tqb_pixels function in libbpg 0.9.5 up to and including 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a &qu...
Libbpg Project Libbpg
4.8
CVSSv2
CVE-2017-3209
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides...
Dbpower U818a Firmware -
10
CVSSv2
CVE-2015-2874
Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware prior to 3.4.1.105 have a default password of root for the root account, which allows remote malicious users to obtain administrative access via a...
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
Lacie Lac9000464u Firmware
Lacie Lac9000436u Firmware
Seagate Goflex Sattelite
7.8
CVSSv2
CVE-2015-2875
Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware prior to 3.4.1.105 allows remote malicious users to read arbitrary files via a full pathname in a downloa...
Seagate Goflex Sattelite
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
Lacie Lac9000464u Firmware
Lacie Lac9000436u Firmware
8.3
CVSSv2
CVE-2015-2876
Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware prior to 3.4.1.105 allows remote malicious users to execute arbitrary code by uploading a file to /media...
Lacie Lac9000436u Firmware
Lacie Lac9000464u Firmware
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
Seagate Goflex Sattelite
4.9
CVSSv2
CVE-2020-8834
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can caus...
Linux Linux Kernel -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2018-1302
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurati...
Apache Http Server
Canonical Ubuntu Linux 18.04
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
9
CVSSv2
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »