Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scott vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-48903
Stored Cross-Site Scripting (XSS) vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated malicious users to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php.
NA
CVE-2013-1311
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote malicious users to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Microsoft Internet Explorer 8
1 EDB exploit
8.1
CVSSv3
CVE-2017-12718
A Classic Buffer Overflow issue exists in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execu...
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.5
Smiths-medical Medfusion 4000 Wireless Syringe Infusion Pump 1.6
1 EDB exploit
NA
CVE-2002-2106
PHP remote file inclusion vulnerability in WikkiTikkiTavi prior to 0.21 allows remote malicious users to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
Wikkitikkitavi Wikkitikkitavi 0.10
Wikkitikkitavi Wikkitikkitavi 0.20
Wikkitikkitavi Wikkitikkitavi 0.5
1 EDB exploit
NA
CVE-2014-1683
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS prior to 1.1 r248-04, when the pid parameter is 4, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) name, (2) email, (3) subject...
Skybluecanvas Skybluecanvas
2 EDB exploits
NA
CVE-2013-0025
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote malicious users to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
Microsoft Internet Explorer 8
2 EDB exploits
NA
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, whic...
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
2 EDB exploits
5.4
CVSSv3
CVE-2019-7004
A Cross-Site Scripting (XSS) vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions before 11.0, including unsupported ve...
Avaya Ip Office Application Server
NA
CVE-2013-0632
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote malicious users to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative ...
Adobe Coldfusion 9.0
Adobe Coldfusion 9.0.1
Adobe Coldfusion 9.0.2
Adobe Coldfusion 10.0
3 EDB exploits
3 Github repositories
NA
CVE-2003-0605
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote malicious users to cause a denial of service (crash), and local malicious users to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause ...
Microsoft Windows 2000
10 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5