Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
discovery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47459
An issue in Knovos Discovery v.22.67.0 allows a remote malicious user to obtain sensitive information via the /DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName component.
Knovos Discovery 22.67.0
1 Github repository
6.5
CVSSv2
CVE-2020-15816
In Western Digital WD Discovery prior to 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.
Westerndigital Wd Discovery
NA
CVE-2023-47460
SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote malicious user to execute arbitrary code via the /DiscoveryProcess/Service/Admin.svc/getGridColumnStructure component.
Knovos Discovery 22.67.0
1 Github repository
6
CVSSv2
CVE-2016-8587
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_p...
Trendmicro Threat Discovery Appliance
3.5
CVSSv2
CVE-2018-15365
A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an malicious user to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the...
Trendmicro Deep Discovery Inspector
NA
CVE-2022-44725
OPC Foundation Local Discovery Server (LDS) up to and including 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).
Opcfoundation Local Discovery Server
10
CVSSv2
CVE-2009-5143
GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or ...
Gehealthcare Discovery 530c Firmware -
10
CVSSv2
CVE-2013-7404
GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires ...
Gehealthcare Discovery Nm 750b
6.5
CVSSv2
CVE-2016-8593
Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.
Trendmicro Threat Discovery Appliance
7.2
CVSSv2
CVE-2017-11672
The OPC Foundation Local Discovery Server (LDS) prior to 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.
Opcfoundation Local Discovery Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »