Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nsa vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-5281
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
Sonicwall Sonicos
7.8
CVSSv3
CVE-2022-22067
Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
Qualcomm Ar8035 Firmware -
Qualcomm Qca6390 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6421 Firmware -
Qualcomm Qca6426 Firmware -
Qualcomm Qca6431 Firmware -
Qualcomm Qca6436 Firmware -
Qualcomm Qca6574a Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qca6595au Firmware -
Qualcomm Qca6696 Firmware -
Qualcomm Qca8081 Firmware -
Qualcomm Qca8337 Firmware -
Qualcomm Sa515m Firmware -
Qualcomm Sd 8 Gen1 5g Firmware -
Qualcomm Sd480 Firmware -
Qualcomm Sd690 5g Firmware -
Qualcomm Sd695 Firmware -
Qualcomm Sd750g Firmware -
Qualcomm Sd765 Firmware -
Qualcomm Sd765g Firmware -
Qualcomm Sd768g Firmware -
9.8
CVSSv3
CVE-2020-0646
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
12 Github repositories
2 Articles
8.8
CVSSv3
CVE-2021-32096
The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.
6.1
CVSSv3
CVE-2021-32092
A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote malicious users to inject arbitrary web script or HTML via the uuid parameter.
9.9
CVSSv3
CVE-2021-27602
SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malici...
2 Articles
9.1
CVSSv3
CVE-2020-6958
An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows malicious users to exfiltrate data from remote hosts and potentially cause denial-of-service.
Yet Another Java Service Wrapper Project Yet Another Java Service Wrapper 12.14
8.1
CVSSv3
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file wa...
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows Server 2016 1909
Golang Go
71 Github repositories
5 Articles
NA
CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote malicious users to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Nullsoft Winamp 5.07
9.8
CVSSv3
CVE-2022-27518
Unauthenticated remote arbitrary code execution
Citrix Application Delivery Controller Firmware
Citrix Gateway Firmware
3 Github repositories
3 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »