Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-20028
Contao 3.x prior to 3.5.37, 4.4.x prior to 4.4.31 and 4.6.x prior to 4.6.11 has Incorrect Access Control.
Contao Contao Cms
436
VMScore
CVE-2018-20029
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine prior to 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
Nomachine Nomachine
Dokan-dev Dokanfs 0.6.0
694
VMScore
CVE-2018-20030
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
Libexif Project Libexif 0.6.21
668
VMScore
CVE-2018-20033
A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and previous versions could allow a remote malicious user to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing t...
Flexera Flexnet Publisher
Oracle Communications Lsms
694
VMScore
CVE-2018-20051
Mishandling of '>' on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote malicious users to cause a denial of service (crash and reboot) via certain ONVIF methods such as CreateUsers, SetImagingSettings, GetStreamUri, and so on.
Qacctv Jooan Ja-q1h Wi-fi Camera Firmware 21.0.0.91
641
VMScore
CVE-2018-20052
An issue exists on Cerner Connectivity Engine (CCE) 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script"...
Cerner Connectivity Engine 4 Firmware
356
VMScore
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Hcltech Bigfix Modern Client Management 2.0
Hcltech Bigfix Modern Client Management 2.1
Hcltech Bigfix Mobile 2.1
Hcltech Bigfix Mobile 2.0
668
VMScore
CVE-2018-20053
An issue exists on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
Cerner Connectivity Engine 4 Firmware
802
VMScore
CVE-2018-20057
An issue exists in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter.
D-link Dir-619l Firmware 2.06b1
D-link Dir-605l Firmware 2.12b1
668
VMScore
CVE-2018-20059
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
Pippo Pippo 1.11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »