Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
longer vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-9377
D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Dlink Dir-610 Firmware -
1 Github repository
7.5
CVSSv3
CVE-2020-9376
D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Dlink Dir-610 Firmware -
1 Github repository
9.8
CVSSv3
CVE-2016-20009
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 up to and including 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Windriver Vxworks
Siemens Sgt-100 Firmware
Siemens Sgt-200 Firmware
Siemens Sgt-300 Firmware
Siemens Sgt-400 Firmware
Siemens Sgt-a20 Firmware
Siemens Sgt-a35 Firmware
Siemens Sgt-a65 Firmware
9.8
CVSSv3
CVE-2017-17878
An issue exists in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).
Valvesoftware Steam Link Firmware
6.1
CVSSv3
CVE-2021-38157
LeoStream Connection Broker 9.x prior to 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Leostream Connection Broker
NA
CVE-2005-3483
Buffer overflow in GO-Global for Windows 3.1.0.3270 and previous versions allows remote malicious users to execute arbitrary code via a data block that is longer than the specified data block size.
Graphon Go-global 3.1.0.3270
1 EDB exploit
9.8
CVSSv3
CVE-2015-9035
In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion.
Google Android
9.8
CVSSv3
CVE-2024-23978
Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and previous versions. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.
Kddi Home Spot Cube 2 Firmware V102
5.3
CVSSv3
CVE-2020-10660
HashiCorp Vault and Vault Enterprise versions 0.9.0 up to and including 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4.
Hashicorp Vault
9.8
CVSSv3
CVE-2023-36090
Authentication Bypass vulnerability in D-Link DIR-885L FW102b01 allows remote malicious users to gain escalated privileges via phpcgi. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Dlink Dir-885l Firmware 1.02
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »