Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-1771
Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote malicious users to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter.
Saxotech Saxopress
1 EDB exploit
10
CVSSv2
CVE-2017-5815
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
Hp Intelligent Management Center 7.3
Hp Intelligent Management Center
1 EDB exploit
5
CVSSv2
CVE-2017-14335
On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.
Hbgk Hb7024xt Firmware -
Hbgk Hb7032xt Firmware -
Hbgk Hb7008t2 Firmware -
Hbgk Hb7016t2 Firmware -
Hbgk Hb7204xt Firmware -
Hbgk Hb7208xt Firmware -
Hbgk Hb7216xt Firmware -
Hbgk Hb7208x3 Firmware -
Hbgk Hb7216x3 Firmware -
Hbgk Hb7204x Firmware -
Hbgk Hb7208x Firmware -
Hbgk Hb7216x Firmware -
Hbgk 7204xr Firmware -
Hbgk 7208xr Firmware -
Hbgk 7216xr Firmware -
Hbgk Hb7004k Firmware -
Hbgk Hb7004kh Firmware -
Hbgk Hb7008kc Firmware -
Hbgk Hb7008kce Firmware -
Hbgk Hb7008kh Firmware -
Hbgk Hb7008khe Firmware -
Hbgk Hb7204kl Firmware -
1 EDB exploit
7.5
CVSSv2
CVE-2018-15379
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote malicious user to upload an arbitrary file. This file could allow the malicious user to execute commands at the privilege...
Cisco Prime Infrastructure 3.2(0.0)
Cisco Prime Infrastructure 3.3(0.0)
Cisco Prime Infrastructure 3.2
Cisco Prime Infrastructure 3.2(1.0)
Cisco Prime Infrastructure 3.2(2.0)
Cisco Prime Infrastructure 3.4(0.0)
Cisco Prime Infrastructure 3.5(0.0)
Cisco Prime Infrastructure 3.3
Cisco Prime Infrastructure 3.4
1 EDB exploit
7.5
CVSSv2
CVE-2002-0637
InterScan VirusWall 3.52 build 1462 allows remote malicious users to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :"...
Trend Micro Interscan Viruswall 3.52
1 EDB exploit
8.5
CVSSv2
CVE-2016-3542
Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality and integrity via unknown vectors.
Oracle Knowledge Management 12.1.3
Oracle Knowledge Management 12.2.5
Oracle Knowledge Management 12.2.4
Oracle Knowledge Management 12.2.3
Oracle Knowledge Management 12.1.2
Oracle Knowledge Management 12.1.1
1 EDB exploit
7.2
CVSSv2
CVE-2017-12243
A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local malicious user to obtain root shell privileges on the device, aka Comm...
Cisco Unified Computing System Manager Firmware -
Cisco Firepower 9300 Security Appliance Firmware -
Cisco Firepower 4100 Next-generation Firewall Firmware -
1 EDB exploit
6.8
CVSSv2
CVE-2017-12653
360 Total Security 9.0.0.1202 prior to 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.
360totalsecurity 360 Total Security
1 EDB exploit
5
CVSSv2
CVE-2017-11456
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Geneko Gwr352 3g Router Firmware -
Geneko Gwr352wv Wide Voltage 3g Router Firmware -
Geneko Gwr252 Edge Router Firmware -
Geneko Gwr202 Gprs Router Firmware -
1 EDB exploit
10
CVSSv2
CVE-2017-11467
OrientDB up to and including 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote malicious users to execute arbitrary OS commands via a crafted request.
Orientdb Orientdb
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »