Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security technologies vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-15133
Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed wh...
NA
CVE-2011-15153
Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead t...
NA
CVE-2010-3960
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
NA
CVE-2008-0196
Multiple directory traversal vulnerabilities in WordPress 2.0.11 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as de...
Wordpress Wordpress
NA
CVE-2007-5267
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng prior to 1.2.22 beta1 allows remote malicious users to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266.
Libpng Libpng
NA
CVE-2010-3273
ZOHO ManageEngine ADSelfService Plus prior to 4.5 Build 4500 allows remote malicious users to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password to accounts/ResetResul...
Zohocorp Manageengine Adselfservice Plus
NA
CVE-2009-13573
Core Security Technologies Advisory - An HTTP Response Splitting vulnerability has been discovered in Sun Java System Delegated Administrator.
NA
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and previous versions uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Manageengine Servicedesk Plus 8.0
Manageengine Servicedesk Plus
NA
CVE-2011-18723
Core Security Technologies Advisory - A security vulnerability was found in the driver 'vmswitch.sys', associated to the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is s...
NA
CVE-2009-35763
Core Security Technologies Advisory - Autodesk SoftImage Scene TOC suffers from an arbitrary command execution vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »