Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-2006
IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to upload arbitrary files to the system. IB...
Ibm Robotic Process Automation With Automation Anywhere
578
VMScore
CVE-2018-20063
An issue exists in Gurock TestRail 5.6.0.3853. An "Unrestricted Upload of File" vulnerability exists in the image-upload form (available in the description editor), allowing remote authenticated users to execute arbitrary code by uploading an image file with an executab...
Gurock Testrail 5.6.0.3853
NA
CVE-2021-27785
HCL Commerce's Remote Store server could allow a local malicious user to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.
Hcltechsw Hcl Commerce
605
VMScore
CVE-2021-27786
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the reque...
Hcltech Onetest Server 10.1
Hcltech Onetest Server 10.2
Hcltech Onetest Server 10.0
NA
CVE-2021-27788
HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies...
Hcltech Verse
445
VMScore
CVE-2018-20064
doorGets 7.0 allows remote malicious users to write to arbitrary files via directory traversal, as demonstrated by a dg-user/?controller=theme&action=edit&name=doorgets&file=../../1.txt%00 URI with content in the theme_content_nofi parameter.
Doorgets Doorgets 7.0
383
VMScore
CVE-2018-20067
A renderer initiated back navigation was incorrectly allowed to cancel a browser initiated one in Navigation in Google Chrome before 71.0.3578.80 allowed a remote malicious user to confuse the user about the origin of the current page via a crafted HTML page.
Google Chrome
383
VMScore
CVE-2018-20068
Incorrect handling of 304 status codes in Navigation in Google Chrome before 71.0.3578.80 allowed a remote malicious user to confuse the user about the origin of the current page via a crafted HTML page.
Google Chrome
187
VMScore
CVE-2019-20534
An issue exists on Samsung mobile devices with P(9.0) software. Attackers can view home-screen wallpaper by adjusting the brightness of a locked screen. The Samsung ID is SVE-2019-15540 (December 2019).
Google Android 9.0
187
VMScore
CVE-2019-20540
An issue exists on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a buffer over-read and possible information leak in the core touch screen driver. The Samsung ID is SVE-2019-14942 (November 2019).
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
Google Android 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »