Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-33583
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.
Reiner-sct Timecard 6.05.07
10
CVSSv2
CVE-2021-36582
In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.
Kooboo Kooboo Cms 2.1.1.0
1 Github repository
10
CVSSv2
CVE-2021-27391
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGE...
Siemens Apogee Mbc \\(ppc\\) \\(p2 Ethernet\\) Firmware
Siemens Apogee Mec \\(ppc\\) \\(p2 Ethernet\\) Firmware
Siemens Apogee Pxc Bacnet Automation Controller Firmware
Siemens Apogee Pxc Compact \\(p2 Ethernet\\) Firmware
Siemens Apogee Pxc Modular \\(bacnet\\) Firmware
Siemens Apogee Pxc Modular \\(p2 Ethernet\\) Firmware
Siemens Talon Tc Compact \\(bacnet\\) Firmware
Siemens Talon Tc Modular \\(bacnet\\) Firmware
10
CVSSv2
CVE-2021-32802
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. T...
Nextcloud Nextcloud Server
10
CVSSv2
CVE-2020-15744
Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an malicious user to execute remote code on the target device. This issue affects: Victure PC420 firmware version 1.2.2 and prior versions.
Govicture Pc420 Firmware
10
CVSSv2
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulner...
Realtek Realtek Jungle Sdk
1 Github repository
10
CVSSv2
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both o...
Realtek Realtek Jungle Sdk
1 Article
10
CVSSv2
CVE-2020-5341
Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remot...
Dell Emc Avamar Server 7.4.1
Dell Emc Avamar Server 7.5.0
Dell Emc Avamar Server 7.5.1
Dell Emc Avamar Server 18.1
Dell Emc Avamar Server 18.2
Dell Emc Avamar Server 19.1
Dell Emc Avamar Server 19.2
Dell Emc Integrated Data Protection Appliance Firmware 2.0
Dell Emc Integrated Data Protection Appliance Firmware 2.1
Dell Emc Integrated Data Protection Appliance Firmware 2.2
Dell Emc Integrated Data Protection Appliance Firmware 2.3
Dell Emc Integrated Data Protection Appliance Firmware 2.4
Dell Emc Integrated Data Protection Appliance Firmware 2.4.1
10
CVSSv2
CVE-2021-35464
ForgeRock AM server prior to 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the serv...
Forgerock Am
Forgerock Openam
1 Github repository
10
CVSSv2
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »