Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
korelogic.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20542
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected.
NA
CVE-2024-2055
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user.
NA
CVE-2024-20552
The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. This provides an unauthenticated attacker co...
NA
CVE-2023-202242
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.
7.5
CVSSv3
CVE-2020-28331
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initializati...
Barco Wepresent Wipg-1600w Firmware 2.5.1.8
8.8
CVSSv3
CVE-2018-15767
The Dell OpenManage Network Manager virtual appliance versions before 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
Dell Openmanage Network Manager
1 EDB exploit
6.5
CVSSv3
CVE-2018-15768
Dell OpenManage Network Manager versions before 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
Dell Openmanage Network Manager
1 EDB exploit
NA
CVE-2021-465592
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
NA
CVE-2021-465602
Moxa TN-5900 versions 3.1 and below suffer from an issue where a user who has authenticated to the management web application is able to leverage a command injection vulnerability in the p12 processing code of the certificate management function web_CERMGMTUpload.
5.5
CVSSv3
CVE-2023-20217
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local malicious user to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating syst...
Cisco Thousandeyes Enterprise Agent
Cisco Thousandeyes Recorder -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »