tcp vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire...
Apache Activemq
Apache Activemq Legacy Openwire Module
1 Metasploit module
28 Github repositories
1 Article
9.8
CVSSv3
CVE-2020-27631
In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.
Oryx-embedded Cyclonetcp 1.9.6
9.8
CVSSv3
CVE-2020-27630
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
Silabs Uc/tcp-ip 3.6.0
9.8
CVSSv3
CVE-2023-35803
IQ Engine prior to 10.6r2 on Extreme Network AP devices has a Buffer Overflow.
Extremenetworks Iq Engine
1 Github repository
9.8
CVSSv3
CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port). Port 2099 serves as a Java Remote Me...
Softwareag Webmethods 10.11
9.8
CVSSv3
CVE-2023-35941
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the som...
Envoyproxy Envoy
9.8
CVSSv3
CVE-2023-37895
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows malicious user to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contain...
Apache Jackrabbit
9.8
CVSSv3
CVE-2023-38632
async-sockets-cpp up to and including 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets.
Asynchronous Sockets For C++ Project Asynchronous Sockets For C++
1 Github repository
9.8
CVSSv3
CVE-2023-36670
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.
Kratosdefense Ngc Indoor Unit Firmware 9.1.0.4
9.8
CVSSv3
CVE-2023-36669
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) prior to 11.4 allows remote malicious users to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) wit...
Kratosdefense Ngc Indoor Unit Firmware