Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redteam-pentesting.de vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and previous versions, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
Freebsd Freebsd 7.0
Dragonfly Dragonfly
Openbsd Openbsd
Freebsd Freebsd
Linux Linux Kernel
4.3
CVSSv3
CVE-2019-1854
A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote malicious user to perform a directory traversal attack against an affected device. The vulnerability is due to insufficient input validation on the web interface. An at...
Cisco Telepresence Video Communication Server X8.11.4
NA
CVE-2014-1224
Incomplete blacklist vulnerability in the user registration feature in rexx Recruitment R6.1 and R7 without "fixes from 2014-01-15" allows remote malicious users to conduct cross-site scripting (XSS) attacks via the oninput event handler in the fname parameter to the de...
Rexx-systems Recruitment R7.0
Rexx-systems Recruitment R6.1
7.5
CVSSv3
CVE-2019-13549
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning...
Carel Pcoweb Firmware
NA
CVE-2007-3012
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote malicious users to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated...
Fujitsu Primergy Bx300
NA
CVE-2014-2301
OrbiTeam BSCW prior to 5.0.8 allows remote malicious users to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/.
Bscw Bscw
7.5
CVSSv3
CVE-2021-40856
Auerswald COMfortel 1400 IP and 2600 IP prior to 2.8G devices allow Authentication Bypass via the /about/../ substring.
Auerswald Comfortel 3600 Ip Firmware
Auerswald Comfortel 2600 Ip Firmware
Auerswald Comfortel 1400 Ip Firmware
8.8
CVSSv3
CVE-2021-40857
Auerswald COMpact 5500R devices prior to 8.2B allow Privilege Escalation via the passwd=1 substring.
Auerswald Compact 5500r Ip Firmware
Auerswald Compact 5200r Ip Firmware
Auerswald Compact 5000r Ip Firmware
Auerswald Compact 4000 Ip Firmware
Auerswald Commander 6000r Ip Firmware
Auerswald Commander 6000rx Ip Firmware
Auerswald Commander Business\\(19\\\"\\) Ip Firmware
Auerswald Commander Basic.2\\(19\\\"\\) Ip Firmware
Auerswald Compact 5010 Voip Ip Firmware
Auerswald Compact 5020 Voip Ip Firmware
9.8
CVSSv3
CVE-2021-40859
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.
Auerswald Compact 5500r Firmware 7.8a
Auerswald Compact 5500r Firmware 8.0b
3 Github repositories
9.8
CVSSv3
CVE-2019-9891
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.
Tldp Advanced Bash-scripting Guide
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »