Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-25833
A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain ...
Onlyoffice Document Server
7.5
CVSSv3
CVE-2021-25834
Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application.
Chainsafe Ethermint
7.5
CVSSv3
CVE-2021-25836
Cosmos Network Ethermint <= v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memory(stateObject.code) and is further written to persistent store at the Endblock stage, which may be utilized to...
Chainsafe Ethermint
7.5
CVSSv3
CVE-2021-25837
Cosmos Network Ethermint <= v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although...
Chainsafe Ethermint
1 Github repository
6.1
CVSSv3
CVE-2021-25838
The Import function in MintHCM RELEASE 3.0.8 allows an malicious user to execute a cross-site scripting (XSS) payload in file-upload.
9.8
CVSSv3
CVE-2021-25839
A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an malicious user to easier password brute-forcing.
9.1
CVSSv3
CVE-2021-25847
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet.
Moxa Vport 06ec-2v26m Firmware
Moxa Vport 06ec-2v36m-t Firmware
Moxa Vport 06ec-2v36m-ct Firmware
Moxa Vport 06ec-2v36m-ct-t Firmware
Moxa Vport 06ec-2v42m Firmware
Moxa Vport 06ec-2v42m-t Firmware
Moxa Vport 06ec-2v42m-ct Firmware
Moxa Vport 06ec-2v42m-ct-t Firmware
Moxa Vport 06ec-2v60m Firmware
Moxa Vport 06ec-2v60m-t Firmware
Moxa Vport 06ec-2v60m-ct Firmware
Moxa Vport 06ec-2v60m-ct-t Firmware
Moxa Vport 06ec-2v80m Firmware
Moxa Vport 06ec-2v80m-t Firmware
Moxa Vport 06ec-2v80m-ct Firmware
Moxa Vport 06ec-2v80m-ct-t Firmware
7.5
CVSSv3
CVE-2017-10974
Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlie...
Yaws Yaws 1.91
1 EDB exploit
9.1
CVSSv3
CVE-2021-25848
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to using fixed loop counter variable without checking the actual available length via a crafted lldp pa...
Moxa Vport 06ec-2v26m Firmware
Moxa Vport 06ec-2v36m-t Firmware
Moxa Vport 06ec-2v36m-ct Firmware
Moxa Vport 06ec-2v36m-ct-t Firmware
Moxa Vport 06ec-2v42m Firmware
Moxa Vport 06ec-2v42m-t Firmware
Moxa Vport 06ec-2v42m-ct Firmware
Moxa Vport 06ec-2v42m-ct-t Firmware
Moxa Vport 06ec-2v60m Firmware
Moxa Vport 06ec-2v60m-t Firmware
Moxa Vport 06ec-2v60m-ct Firmware
Moxa Vport 06ec-2v60m-ct-t Firmware
Moxa Vport 06ec-2v80m Firmware
Moxa Vport 06ec-2v80m-t Firmware
Moxa Vport 06ec-2v80m-ct Firmware
Moxa Vport 06ec-2v80m-ct-t Firmware
7.5
CVSSv3
CVE-2021-25849
An integer underflow exists in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, improper validation of the PortID TLV leads to Denial of Service via a crafted lldp packet.
Moxa Vport 06ec-2v26m Firmware
Moxa Vport 06ec-2v36m-t Firmware
Moxa Vport 06ec-2v36m-ct Firmware
Moxa Vport 06ec-2v36m-ct-t Firmware
Moxa Vport 06ec-2v42m Firmware
Moxa Vport 06ec-2v42m-t Firmware
Moxa Vport 06ec-2v42m-ct Firmware
Moxa Vport 06ec-2v42m-ct-t Firmware
Moxa Vport 06ec-2v60m Firmware
Moxa Vport 06ec-2v60m-t Firmware
Moxa Vport 06ec-2v60m-ct Firmware
Moxa Vport 06ec-2v60m-ct-t Firmware
Moxa Vport 06ec-2v80m Firmware
Moxa Vport 06ec-2v80m-t Firmware
Moxa Vport 06ec-2v80m-ct Firmware
Moxa Vport 06ec-2v80m-ct-t Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »