Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
Saltosystem Proaccess Space
7.5
CVSSv2
CVE-2019-19459
An issue exists in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an malicious user to execute arbitrary commands o...
Saltosystem Proaccess Space
6.6
CVSSv2
CVE-2019-19460
An issue exists in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically ab...
Saltosystem Proaccess Space
7.2
CVSSv2
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
3.5
CVSSv2
CVE-2019-16172
LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion.
Limesurvey Limesurvey
1 EDB exploit
3.5
CVSSv2
CVE-2019-16173
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php,
Limesurvey Limesurvey
1 EDB exploit
3.5
CVSSv2
CVE-2021-41557
Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting (XSS). An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section (or change existing work orders). The XSS payload is in ...
Sofico Miles Rich Internet Application 2020.2
3.5
CVSSv2
CVE-2021-20562
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 up to and including 5.2.6.5_3 and 6.1.0.0 up to and including 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...
Ibm Sterling B2b Integrator
5
CVSSv2
CVE-2019-15045
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality
Zohocorp Manageengine Servicedesk Plus
5
CVSSv2
CVE-2019-15046
Zoho ManageEngine ServiceDesk Plus 10 prior to 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.
Zohocorp Manageengine Servicedesk Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »