Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nsa vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-32093
The ConfigFileAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter.
312
VMScore
CVE-2018-5281
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
Sonicwall Sonicos
NA
CVE-2022-22067
Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Qualcomm Ar8035 Firmware -
Qualcomm Qca6390 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6421 Firmware -
Qualcomm Qca6426 Firmware -
Qualcomm Qca6431 Firmware -
Qualcomm Qca6436 Firmware -
Qualcomm Qca6574a Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qca6595au Firmware -
Qualcomm Qca6696 Firmware -
Qualcomm Qca8081 Firmware -
Qualcomm Qca8337 Firmware -
Qualcomm Sa515m Firmware -
Qualcomm Sd 8 Gen1 5g Firmware -
Qualcomm Sd480 Firmware -
Qualcomm Sd690 5g Firmware -
Qualcomm Sd695 Firmware -
Qualcomm Sd750g Firmware -
Qualcomm Sd765 Firmware -
Qualcomm Sd765g Firmware -
Qualcomm Sd768g Firmware -
605
VMScore
CVE-2021-32096
The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.
893
VMScore
CVE-2020-0646
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
11 Github repositories
2 Articles
383
VMScore
CVE-2021-32092
A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote malicious users to inject arbitrary web script or HTML via the uuid parameter.
570
VMScore
CVE-2020-6958
An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows malicious users to exfiltrate data from remote hosts and potentially cause denial-of-service.
Yet Another Java Service Wrapper Project Yet Another Java Service Wrapper 12.14
578
VMScore
CVE-2021-27602
SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malici...
2 Articles
231
VMScore
CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote malicious users to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Nullsoft Winamp 5.07
537
VMScore
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file wa...
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows Server 2016 1909
Golang Go
70 Github repositories
5 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »