Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-11467
OrientDB up to and including 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote malicious users to execute arbitrary OS commands via a crafted request.
Orientdb Orientdb
1 EDB exploit
2 Github repositories
7.5
CVSSv3
CVE-2017-11469
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
9.8
CVSSv3
CVE-2017-11470
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
9.8
CVSSv3
CVE-2017-11471
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
9.8
CVSSv3
CVE-2017-11502
Technicolor DPC3928AD DOCSIS devices allow remote malicious users to read arbitrary files via a request starting with "GET /../" on TCP port 4321.
Cisco Dpc3928ad Docsis Wireless Router Firmware -
1 EDB exploit
7.3
CVSSv3
CVE-2017-11657
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
Dashlane Dashlane -
1 EDB exploit
NA
CVE-2004-0295
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote malicious users to cause a denial of service (CPU consumption) via an open idle connection.
Transsoft Broker Ftp Server 6.1 .0.0
1 EDB exploit
NA
CVE-2017-12854
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
1 EDB exploit
9.8
CVSSv3
CVE-2017-16934
The web server on DBL DBLTek devices allows remote malicious users to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp re...
Dbltek Web Server -
1 EDB exploit
7.5
CVSSv3
CVE-2017-11456
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Geneko Gwr352 3g Router Firmware -
Geneko Gwr352wv Wide Voltage 3g Router Firmware -
Geneko Gwr252 Edge Router Firmware -
Geneko Gwr202 Gprs Router Firmware -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »