Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redteam-pentesting.de vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2014-8886
AVM FRITZ!OS prior to 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote malicious users to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image.
Avm Fritz\\! Os
891
VMScore
CVE-2021-40859
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
Auerswald Compact 5500r Firmware 7.8a
Auerswald Compact 5500r Firmware 8.0b
3 Github repositories
445
VMScore
CVE-2007-3012
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote malicious users to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated...
Fujitsu Primergy Bx300
383
VMScore
CVE-2015-2804
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware prior to 6.6.4.309.R01 and 6.6.5.x prior to 6.6.5.80.R02 generates weak session identifiers, which allows remote malicious users to hijack arbitrary sessions via a bru...
Alcatel-lucent Omniswitch Firmware
NA
CVE-2022-42953
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be prior to 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.0...
Zkteco Zmm200 Firmware
Zkteco Zmm210 Firmware
Zkteco Zmm220 Firmware
Zkteco Zem720 Firmware
Zkteco Zem600 Firmware
Zkteco Zem800 Firmware
Zkteco Zem510 Firmware
Zkteco Zem560 Firmware
Zkteco Zem760 Firmware
Zkteco Zem500 Firmware
383
VMScore
CVE-2019-19265
IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.
Icewarp Mail Server
312
VMScore
CVE-2019-19266
IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.
Icewarp Mail Server
890
VMScore
CVE-2019-9891
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.
Tldp Advanced Bash-scripting Guide
445
VMScore
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning...
Carel Pcoweb Firmware
890
VMScore
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow malicious users to influence the primary operations of...
Carel Pcoweb Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »