Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t. weber vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-1234
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) prior to 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent malicious users to cause a denial of service (crash) via a long name.
Gnu Glibc
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
5
CVSSv2
CVE-2018-20679
An issue exists in BusyBox prior to 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in...
Busybox Busybox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
5.8
CVSSv2
CVE-2018-11478
An issue exists on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line / car). No...
Vgate Icar 2 Wi-fi Obd2 Firmware -
NA
CVE-2022-32985
libnx_apl.so on Nexans FTTO GigaSwitch prior to 6.02N and 7.x prior to 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.
Nexans Gigaswitch 641 Desk V5 Sfp-vi Firmware
Nexans Gigaswitch 642 Desk V5 Sfp-2vi Firmware
Nexans Gigaswitch V5 2tp\\(pd-f\\+\\) Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 2tp\\(pse\\+\\) Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 2tp Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 Sfp-2vi 230vac Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Ind Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Med Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Ind Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Med Firmware
Nexans Gigaswitch V5 Tp Sfp-vi 230vac Firmware
6.8
CVSSv2
CVE-2020-12511
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.
Pepperl-fuchs Io-link Master 4-eip Firmware
Pepperl-fuchs Io-link Master 8-eip Firmware
Pepperl-fuchs Io-link Master 8-eip-l Firmware
Pepperl-fuchs Io-link Master Dr-8-eip Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-p Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-t Firmware
Pepperl-fuchs Io-link Master 4-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio-l Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-p Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-t Firmware
9
CVSSv2
CVE-2020-12513
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
Pepperl-fuchs Io-link Master 4-eip Firmware
Pepperl-fuchs Io-link Master 8-eip Firmware
Pepperl-fuchs Io-link Master 8-eip-l Firmware
Pepperl-fuchs Io-link Master Dr-8-eip Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-p Firmware
Pepperl-fuchs Io-link Master Dr-8-eip-t Firmware
Pepperl-fuchs Io-link Master 4-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio Firmware
Pepperl-fuchs Io-link Master 8-pnio-l Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-p Firmware
Pepperl-fuchs Io-link Master Dr-8-pnio-t Firmware
7.2
CVSSv2
CVE-2010-0296
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and previous versions, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corrup...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
5
CVSSv2
CVE-2019-5747
An issue exists in BusyBox up to and including 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related...
Busybox Busybox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.3
CVSSv2
CVE-2020-16208
The affected product is vulnerable to cross-site request forgery, which may allow an malicious user to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
10
CVSSv2
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »