Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2019-1663
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote malicious user to execute arbitrary code on an affect...
Cisco Rv110w Firmware
Cisco Rv130w Firmware
Cisco Rv215w Firmware
3 EDB exploits
1 Metasploit module
3 Github repositories
1 Article
1000
VMScore
CVE-2018-17153
It exists that the Western Digital My Cloud device prior to 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full cont...
Western Digital My Cloud Wdbctl0020hwt Firmware
Western Digital My Cloud Pr4100
Western Digital My Cloud Pr2100 Firmware
Western Digital My Cloud Mirror Gen 2 Firmware
Western Digital My Cloud Mirror Firmware
Western Digital My Cloud Ex4100
Western Digital My Cloud Ex4 Firmware
Western Digital My Cloud Ex2100 Firmware
Western Digital My Cloud Ex2 Ultra Firmware
Western Digital My Cloud Ex2 Firmware
Western Digital My Cloud Dl4100 Firmware
Western Digital My Cloud Dl2100
1 Metasploit module
1 Article
1000
VMScore
CVE-2018-11652
CSV Injection vulnerability in Nikto 2.1.6 and previous versions allows remote malicious users to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.
Cirt.net Nikto
1 EDB exploit
1000
VMScore
CVE-2018-7573
An issue exists in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and...
Ftpshell Ftpshell Client 6.70
2 EDB exploits
1000
VMScore
CVE-2018-0101
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote malicious user to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an a...
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 6.0.0
Cisco Firepower Threat Defense 6.0.1
Cisco Firepower Threat Defense 6.2.0
Cisco Firepower Threat Defense 6.1.0
Cisco Firepower Threat Defense 6.2.2
Cisco Firepower Threat Defense 6.2.1
1 EDB exploit
6 Github repositories
1000
VMScore
CVE-2018-5997
An issue exists in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.
Ravpower Filehub Firmware 2.000.056
1 EDB exploit
1000
VMScore
CVE-2017-13696
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component....
Flexense Dupscout 9.9.14
Flexense Disksavvy 9.9.14
Flexense Syncbreeze 9.9.16
Flexense Diskpulse 9.9.16
1000
VMScore
CVE-2018-5347
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
Seagate Personal Cloud Firmware -
1 EDB exploit
1000
VMScore
CVE-2017-16934
The web server on DBL DBLTek devices allows remote malicious users to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp re...
Dbltek Web Server -
1 EDB exploit
1000
VMScore
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »