Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5347
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
Seagate Personal Cloud Firmware -
1 EDB exploit
9.8
CVSSv3
CVE-2018-15379
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote malicious user to upload an arbitrary file. This file could allow the malicious user to execute commands at the privilege...
Cisco Prime Infrastructure 3.4\\(0.0\\)
Cisco Prime Infrastructure 3.5\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(2.0\\)
Cisco Prime Infrastructure 3.2
Cisco Prime Infrastructure 3.3
Cisco Prime Infrastructure 3.4
Cisco Prime Infrastructure 3.2\\(1.0\\)
Cisco Prime Infrastructure 3.3\\(0.0\\)
1 EDB exploit
7.8
CVSSv3
CVE-2017-12653
360 Total Security 9.0.0.1202 prior to 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.
360totalsecurity 360 Total Security
1 EDB exploit
5.9
CVSSv3
CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions before 16.0.3 allows network malicious users to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
Mcafee Livesafe
1 EDB exploit
7.8
CVSSv3
CVE-2017-15649
net/packet/af_packet.c in the Linux kernel prior to 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-fre...
Linux Linux Kernel
1 EDB exploit
9.8
CVSSv3
CVE-2018-5955
An issue exists in GitStack up to and including 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated malicious user to add a user to the server via the username and password fields to the rest/user/ URI.
Smartmobilesoftware Gitstack
2 EDB exploits
8 Github repositories
8.8
CVSSv3
CVE-2018-2698
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.1.32 and before 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracl...
Oracle Vm Virtualbox
1 EDB exploit
9.8
CVSSv3
CVE-2017-1092
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
Ibm Informix Open Admin Tool 12.1
Ibm Informix Open Admin Tool 11.7
Ibm Informix Open Admin Tool 11.5
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5