Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
890
VMScore
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
642
VMScore
CVE-2010-0296
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and previous versions, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corrup...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
668
VMScore
CVE-2012-1777
SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 up to and including 6.1.0 and 7.0.0 allows remote malicious users to execute arbitrary SQL commands via the state parameter.
F5 Firepass 7.0.0
F5 Firepass 6.0
F5 Firepass 6.1.0
445
VMScore
CVE-2019-5747
An issue exists in BusyBox up to and including 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related...
Busybox Busybox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
578
VMScore
CVE-2019-16745
eBrigade prior to 5.0 has evenement_choice.php chxCal SQL Injection.
Ebrigade Ebrigade
NA
CVE-2023-4296
?If an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the malicious user to inject arbitrary code to be executed in the browser on the target device.
Intland Codebeamer 21.09.0
Intland Codebeamer 22.04.0
Intland Codebeamer 22.10.0
695
VMScore
CVE-2015-3035
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302,...
Tp-link Tl-wr841n \\(9.0\\) Firmware
Tp-link Tl-wr740n \\(5.0\\) Firmware
Tp-link Archer C5 \\(1.2\\) Firmware
Tp-link Tl-wr841n \\(10.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\)
Tp-link Tl-wdr3600 \\(1.0\\) Firmware
Tp-link Archer C7 \\(2.0\\) Firmware
Tp-link Tl-wr841nd \\(10.0\\) Firmware 150104
Tp-link Archer C9 \\(1.0\\) Firmware
Tp-link Tl-wr841nd \\(9.0\\) Firmware
Tp-link Archer C8 \\(1.0\\) Firmware
Tp-link Tl-wdr4300 \\(1.0\\) Firmware
Tp-link Tl-wdr3500 \\(1.0\\) Firmware
312
VMScore
CVE-2020-8462
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to tamper with the web interface of the product.
Trendmicro Interscan Web Security Virtual Appliance 6.5
445
VMScore
CVE-2020-8464
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.
Trendmicro Interscan Web Security Virtual Appliance 6.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »