Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
locator vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-7526
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access information in the application without authenticating.
Beaconmedaes Scroll Medical Air Systems Firmware
NA
CVE-2022-2757
Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.
Kingspan Tms300 Cs Firmware
7.5
CVSSv2
CVE-2017-14000
An Improper Authentication issue exists in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.
Ctekproducts Skyrouter Z4200 Firmware
Ctekproducts Skyrouter Z4400 Firmware
NA
CVE-2023-4476
The Locatoraid Store Locator WordPress plugin prior to 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Plainware Locatoraid
5
CVSSv2
CVE-2017-15696
When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration data and previously deployed...
Apache Geode
4.6
CVSSv2
CVE-2017-11032
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator_send_msg().
Google Android -
6.8
CVSSv2
CVE-2017-8259
In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.
Google Android -
7.8
CVSSv2
CVE-2011-0946
The NAT implementation in Cisco IOS 12.1 up to and including 12.4 and 15.0 up to and including 15.1, and IOS XE 3.1.xSG, allows remote malicious users to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDA...
Cisco Ios Xe 3.1.0sg
Cisco Ios Xe 3.1.1sg
Cisco Ios
10
CVSSv2
CVE-2007-5538
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 prior to 5.1(3), and Unified CallManager 5.0, allows remote malicious users to execute arbitrary code or cause a denial of service via unspecified...
Cisco Unified Callmanager 5.0
Cisco Unified Communications Manager
9.3
CVSSv2
CVE-2008-3007
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote malicious users to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Lo...
Microsoft Office Onenote 2007
Microsoft Office 2003
Microsoft Office Xp
Microsoft Office 2007
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »