Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
id vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1505
Buffer overflow in QuakeWorld 2.10 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet.
Id Software Quakeworld 2.10
7.5
CVSSv3
CVE-2019-3908
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
Identicard Premisys Id 3.1.190
NA
CVE-1999-1502
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command.
Id Software Quake 1.9
8.8
CVSSv3
CVE-2019-3906
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
Identicard Premisys Id 3.1.190
7.5
CVSSv3
CVE-2019-3907
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
Identicard Premisys Id 3.1.190
9.8
CVSSv3
CVE-2019-3909
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
Identicard Premisys Id 3.1.190
NA
CVE-1999-1230
Quake 2 server allows remote malicious users to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
Id Software Quake 2
9.8
CVSSv3
CVE-2023-33367
A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated malicious users to write PHP files on the server's root directory, resulting in remote code execution.
Assaabloy Control Id Idsecure
6.5
CVSSv3
CVE-2023-33368
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
Assaabloy Control Id Idsecure
9.1
CVSSv3
CVE-2023-33369
A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing malicious users to delete arbitrary files on IDSecure filesystem, causing a denial of service.
Assaabloy Control Id Idsecure
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »