Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
concept vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Se...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
46 Github repositories
2 Articles
4.3
CVSSv2
CVE-2011-1077
Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 up to and including 1.2.2, and 1.3.x prior to 1.3.5, allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apache Archiva 1.2.2
Apache Archiva 1.1.4
Apache Archiva 1.2
Apache Archiva 1.0.2
Apache Archiva 1.0.3
Apache Archiva 1.3.2
Apache Archiva 1.1.2
Apache Archiva 1.2-m1
Apache Archiva 1.0
Apache Archiva 1.0.1
Apache Archiva 1.3.3
Apache Archiva 1.3
Apache Archiva 1.3.4
Apache Archiva 1.1.3
Apache Archiva 1.3.1
Apache Archiva 1.2.1
Apache Archiva 1.1
Apache Archiva 1.1.1
NA
CVE-2023-43986
DM Concept configurator before v4.9.4 exists to contain a SQL injection vulnerability via the component ConfiguratorAttachment::getAttachmentByToken.
Dmconcept Configurator
4.6
CVSSv2
CVE-2021-1727
Windows Installer Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
1 Article
4.4
CVSSv2
CVE-2020-28243
An issue exists in SaltStack Salt prior to 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
Saltstack Salt
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
1 Article
6.8
CVSSv2
CVE-2011-1026
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 up to and including 1.2.2, and 1.3.x prior to 1.3.5, allow remote malicious users to hijack the authentication of administrators.
Apache Archiva 1.1
Apache Archiva 1.1.1
Apache Archiva 1.2-m1
Apache Archiva 1.3
Apache Archiva 1.1.2
Apache Archiva 1.1.3
Apache Archiva 1.2.1
Apache Archiva 1.2.2
Apache Archiva 1.1.4
Apache Archiva 1.2
Apache Archiva 1.0
Apache Archiva 1.0.1
Apache Archiva 1.3.4
Apache Archiva 1.0.2
Apache Archiva 1.0.3
Apache Archiva 1.3.1
Apache Archiva 1.3.2
Apache Archiva 1.3.3
6.8
CVSSv2
CVE-2022-25838
Laravel Fortify prior to 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept.
Laravel Fortify
7.5
CVSSv2
CVE-2018-12706
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
Digisol Dg-br4000ng Firmware
1 EDB exploit
5
CVSSv2
CVE-2019-14322
In Pallets Werkzeug prior to 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
Palletsprojects Werkzeug
3 Github repositories
7.2
CVSSv2
CVE-2021-41335
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 21h1
Microsoft Windows 7 -
Microsoft Windows 8.1 -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »