Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3757
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, su...
Google Mini Search Appliance
Google Search Appliance
2 EDB exploits
4.3
CVSSv3
CVE-2018-6849
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
Duckduckgo Duckduckgo 4.2.0
1 EDB exploit
NA
CVE-2003-1141
Buffer overflow in NIPrint 4.10 allows remote malicious users to execute arbitrary code via a long string to TCP port 515.
Network Instruments Niprint Lpd-lpr Print Server 4.10
1 EDB exploit
NA
CVE-1999-0502
A Unix account has a default, null, blank, or missing password.
Sun Sunos 5.7
Hp Hp-ux 11
Sun Sunos 5.8
Sun Sunos 5.5.1
Hp Hp-ux 10.20
Redhat Linux 6.0
Sun Solaris 2.6
1 EDB exploit
NA
CVE-2011-1571
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote malicious users to execute arbitrary commands via unknown vectors.
Liferay Liferay Portal
1 EDB exploit
1 Github repository
NA
CVE-2013-5036
The Square Squash allows remote malicious users to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.
Squash Square Squash -
1 EDB exploit
NA
CVE-2005-2373
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
Whitsoft Development Slimftpd 3.15
Whitsoft Development Slimftpd 3.16
1 EDB exploit
7.8
CVSSv3
CVE-2016-4656
The kernel in Apple iOS prior to 9.3.5 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Apple Iphone Os
1 EDB exploit
11 Github repositories
NA
CVE-2013-4212
Certain getText methods in the ActionSupport controller in Apache Roller prior to 5.0.2 allow remote malicious users to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login...
Apache Roller 4.0
Apache Roller 4.0.1
Apache Roller
Apache Roller 5.0
1 EDB exploit
1 Github repository
NA
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab-shell
Gitlab Gitlab-shell 1.4.0
Gitlab Gitlab-shell 1.2.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.4.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »