Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx.altervista.org vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2017-12965
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote malicious users to hijack web sessions via the PHPSESSID parameter.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
685
VMScore
CVE-2017-12969
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center prior to 10.1.1 allows remote malicious users to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
Avaya Ip Office Contact Center 9.1.0
Avaya Ip Office Contact Center 9.1.0.2209.1540
Avaya Ip Office Contact Center 9.1.6
Avaya Ip Office Contact Center 9.1.7
Avaya Ip Office Contact Center 9.1.8
Avaya Ip Office Contact Center 9.1.9
Avaya Ip Office Contact Center 9.1
Avaya Ip Office Contact Center 10.0
Avaya Ip Office Contact Center 10.0.0.3-8600.1705
Avaya Ip Office Contact Center 10.1
1 EDB exploit
685
VMScore
CVE-2017-12970
Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 allows remote malicious users to hijack the authentication of authenticated users for requests that (1) add or (2) delete user accounts via a request to phpsftpd/users.php.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
435
VMScore
CVE-2017-12971
Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote malicious users to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
505
VMScore
CVE-2017-6805
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in a GET command.
Mobatek Mobaxterm 9.4
1 EDB exploit
1000
VMScore
CVE-2018-7756
RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote malicious users to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE fil...
Dewesoft Dewesoft X3
1 EDB exploit
505
VMScore
CVE-2018-15745
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
Argussurveillance Dvr 4.0.0.0
1 EDB exploit
755
VMScore
CVE-2017-7237
The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote malicious users to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated b...
Spiceworks Spiceworks 7.5
1 EDB exploit
685
VMScore
CVE-2017-11309
Buffer overflow in the SoftConsole client in Avaya IP Office prior to 10.1.1 allows remote servers to execute arbitrary code via a long response.
Avaya Ip Office
1 EDB exploit
435
VMScore
CVE-2017-0045
Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows malicious users to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vul...
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »