Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-11469
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
7.5
CVSSv2
CVE-2017-11470
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
7.5
CVSSv2
CVE-2017-11471
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
5
CVSSv2
CVE-2017-11502
Technicolor DPC3928AD DOCSIS devices allow remote malicious users to read arbitrary files via a request starting with "GET /../" on TCP port 4321.
Cisco Dpc3928ad Docsis Wireless Router Firmware -
1 EDB exploit
10
CVSSv2
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) up to and including 11.8.0.27 allows remote malicious users to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
Trustwave Secure Web Gateway
1 EDB exploit
7.5
CVSSv2
CVE-2017-1000353
Jenkins versions 2.56 and previous versions as well as 2.46.1 LTS and previous versions are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed malicious users to transfer a serialized Java `SignedObject` object t...
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
1 EDB exploit
5 Github repositories
1 Article
7.5
CVSSv2
CVE-2017-15579
In PHPSUGAR PHP Melody prior to 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
Phpsugar Php Melody
1 EDB exploit
4.6
CVSSv2
CVE-2017-15649
net/packet/af_packet.c in the Linux kernel prior to 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-fre...
Linux Linux Kernel
1 EDB exploit
6.8
CVSSv2
CVE-2017-16352
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify co...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
4.3
CVSSv2
CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the I...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »