Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow malicious users to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue ...
Arista Dcs-7050qx-32s-r Firmware 4.20.9m
Arista Dcs-7050cx3-32s-r Firmware 4.20.11m
Arista Dcs-7280sram-48c6-r Firmware 4.22.0.1f
NA
CVE-2011-2110
Adobe Flash Player prior to 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and previous versions on Android, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in th...
Adobe Flash Player 10.1.52.14.1
Adobe Flash Player 10.1.102.64
Adobe Flash Player 10.0.42.34
Adobe Flash Player 10.0.45.2
Adobe Flash Player 9.0.28
Adobe Flash Player 9.0.260.0
Adobe Flash Player 10.1.92.10
Adobe Flash Player 10.0.15.3
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.246.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 8.0.22.0
Adobe Flash Player 8.0.42.0
Adobe Flash Player 7.0.66.0
Adobe Flash Player 7.0.73.0
Adobe Flash Player 7.0.67.0
Adobe Flash Player 7.1.1
Adobe Flash Player 7.0.14.0
Adobe Flash Player 6.0.79
1 EDB exploit
8.4
CVSSv3
CVE-2020-16875
<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation ...
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
2 Articles
8.6
CVSSv3
CVE-2020-16952
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint applicati...
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
1 Article
7.8
CVSSv3
CVE-2022-30526
A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 up to and including 5.30, USG FLEX 200 firmware versions 4.50 up to and including 5.30, USG FLEX 500 firmware versions 4.50 up to and including 5.30, USG FLEX 70...
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg20w-vpn Firmware
Zyxel Atp800 Firmware
Zyxel Atp700 Firmware
Zyxel Atp500 Firmware
Zyxel Atp200 Firmware
Zyxel Atp100w Firmware
Zyxel Atp100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn50 Firmware
Zyxel Usg20-vpn Firmware
Zyxel Usg 2200-vpn Firmware
Zyxel Zywall 110 Firmware
Zyxel Zywall 310 Firmware
Zyxel Zywall 1100 Firmware
Zyxel Usg40 Firmware
7.5
CVSSv3
CVE-2023-36661
Shibboleth XMLTooling prior to 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
Shibboleth Xmltooling
Debian Debian Linux 11.0
Debian Debian Linux 12.0
9.8
CVSSv3
CVE-2024-27198
In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Jetbrains Teamcity
14 Github repositories
5 Articles
NA
CVE-2024-27199
In JetBrains TeamCity prior to 2023.11.4 path traversal allowing to perform limited admin actions was possible
12 Github repositories
2 Articles
9.1
CVSSv3
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
NA
CVE-2014-8636
The XrayWrapper implementation in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via unspecified v...
Mozilla Firefox
Mozilla Seamonkey
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »