Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digit vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-25309
The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password policy that forces a 4-digit password) allows remote malicious users to easily obt...
Gigaset Dx600a Firmware V41.00-175
NA
CVE-2013-7422
Integer underflow in regcomp.c in Perl prior to 5.20, as used in Apple OS X prior to 10.10.5 and other products, allows context-dependent malicious users to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid ...
Apple Mac Os X
Perl Perl 5.18.4
4.3
CVSSv3
CVE-2023-49790
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. N...
Nextcloud Nextcloud
5.3
CVSSv3
CVE-2021-29418
The netmask package prior to 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This (in some situations) allows malicious users to bypass access control that is based on IP addresses. NOTE: this issue exists because o...
Netmask Project Netmask
9.8
CVSSv3
CVE-2017-12860
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each pr...
Epson Easymp 2.86
8.1
CVSSv3
CVE-2016-10116
NETGEAR Arlo base stations with firmware 1.7.5_6178 and previous versions, Arlo Q devices with firmware 1.8.0_5551 and previous versions, and Arlo Q Plus devices with firmware 1.8.1_6094 and previous versions use a pattern of adjective, noun, and three-digit number for the custom...
Netgear Arlo Base Station Firmware
Netgear Arlo Q Camera Firmware
Netgear Arlo Q Plus Camera Firmware
NA
CVE-2014-9115
SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo prior to 2.5.5, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.2 allows remote malicious users to execute arbitrary SQL commands via the rate parameter to picture.php, related to an...
Piwigo Piwigo 2.6.2
Piwigo Piwigo 2.7.0
Piwigo Piwigo 2.7.1
Piwigo Piwigo
Piwigo Piwigo 2.6.0
Piwigo Piwigo 2.6.1
Piwigo Piwigo 2.6.3
1 EDB exploit
7.5
CVSSv3
CVE-2023-3222
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote malicious user to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to...
Password Recovery Project Password Recovery 1.2
NA
CVE-2009-5055
Open Ticket Request System (OTRS) prior to 2.4.4 grants ticket access on the basis of single-digit substrings of the CustomerID value, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by visiting a ticket, as demonstrat...
Otrs Otrs 2.1.1
Otrs Otrs 2.2.4
Otrs Otrs 2.1.5
Otrs Otrs 2.3.2
Otrs Otrs 2.2.0
Otrs Otrs 2.2.1
Otrs Otrs 2.2.2
Otrs Otrs 2.0.3
Otrs Otrs 2.0.4
Otrs Otrs 0.5
Otrs Otrs 1.0
Otrs Otrs 2.2.9
Otrs Otrs 2.2.5
Otrs Otrs 2.1.7
Otrs Otrs 1.0.2
Otrs Otrs 1.1.0
Otrs Otrs 1.2.3
Otrs Otrs 1.3.0
Otrs Otrs 2.3.5
Otrs Otrs 2.4.0
Otrs Otrs
Otrs Otrs 2.1.0
8.8
CVSSv3
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six charact...
Ubeeinteractive Ddw365 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »