Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web port vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2023-32409
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a repo...
Apple Macos
Apple Watchos
Apple Tvos
Apple Safari
Apple Iphone Os
Apple Ipados
3 Articles
8.8
CVSSv3
CVE-2023-32373
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code exec...
Apple Watchos
Apple Tvos
Apple Macos
Apple Ipados
Apple Safari
Apple Iphone Os
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
2 Articles
NA
CVE-2020-22592
A logic issue was addressed with improved state management. (CVE-2020-22592) A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2...
9.8
CVSSv3
CVE-2023-33294
An issue exists in KaiOS 3.0 prior to 3.1. The /system/bin/tctweb_server binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted...
Kaiostech Kaios 3.0
Kaiostech Kaios 3.1
8.8
CVSSv3
CVE-2023-2203
A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE ...
Webkitgtk Webkit2gtk3 2.38.5-1.el9
Webkitgtk Webkit2gtk3 2.38.5-1.el8
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Server Aus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
5.5
CVSSv3
CVE-2023-27932
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy.
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Watchos
Apple Macos
Apple Safari
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2023-27954
The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information.
Apple Macos
Apple Tvos
Apple Watchos
Apple Iphone Os
Apple Ipad Os
Apple Safari
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2022-32885
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution
Apple Iphone Os
Apple Ipados
Apple Safari
Apple Macos
9.8
CVSSv3
CVE-2023-20126
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upg...
Cisco Spa112 Firmware 1.4.1
1 Article
9.8
CVSSv3
CVE-2023-1778
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote malicious user to login as superuser by using default username/password via web-based management interface and/or ...
Gajshield Data Security Firewall Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »