Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backdoor vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-45562
Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow malicious users to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that ...
Telosalliance Omnia Mpx Node Firmware
9.8
CVSSv3
CVE-2020-23591
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an malicious user to upload arbitrary files through " /mgm_dev_upgrade.asp " which can "delete every file for Denial of Service (using 'rm -rf *.*' ...
Optilinknetwork Op-xt71000n Firmware 3.3.1-191028
1 Github repository
9.8
CVSSv3
CVE-2022-4093
SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to reputational damage and regul...
Dolibarr Dolibarr Erp\\/crm 16.0.1
Dolibarr Dolibarr Erp\\/crm 16.0.2
10
CVSSv3
CVE-2022-3703
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
Etictelecom Remote Access Server Firmware
9.8
CVSSv3
CVE-2022-44048
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-urls 0.1.0
9.8
CVSSv3
CVE-2022-44049
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-python 0.1.0
1 Github repository
9.8
CVSSv3
CVE-2022-44050
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-json package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-networking 0.1.0
9.8
CVSSv3
CVE-2022-44051
The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-stats 0.1.0
9.8
CVSSv3
CVE-2022-44052
The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-dates 0.1.0
9.8
CVSSv3
CVE-2022-44054
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-utility package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-xml 0.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »