Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
locator vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-14003
An Authentication Bypass by Spoofing issue exists in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address t...
Lavalink Ether-serial Link Firmware
6.4
CVSSv2
CVE-2016-9362
An issue exists in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to edit and to view se...
Wago Pfc200 Firmware -
Wago 750-xxxx Series Firmware -
Wago 758-xxxx Series Firmware -
5
CVSSv2
CVE-2017-7920
An Improper Authentication issue exists in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal ...
Abb Vsn300 Firmware
Abb Vsn300 For React Firmware 2.1.3
7.5
CVSSv2
CVE-2019-19104
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue a...
Abb Tg\\/s3.2 Firmware -
Busch-jaeger 6186\\/11 Firmware -
NA
CVE-2023-2031
The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 3.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
Plainware Locatoraid
NA
CVE-2023-48699
fastbots is a library for fast bot and scraper development using selenium and the Page Object Model (POM) design. Prior to version 0.1.5, an attacker could modify the locators.ini locator file with python code that without proper validation it's executed and it could lead to...
Ubertidavide Fastbots
10
CVSSv2
CVE-2019-12254
In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn't properly restrict access to an endpoint that is responsible for saving settings, to a unauthenticated user with limited access rights. Based on the lack of adequately implemented acces...
Gok Smartbox 4 Lan Firmware
Gok Smartbox 4 Lan Pro Firmware
Tecson Lx-q-net Firmware
Tecson Lx-net Firmware
Tecson E-litro Net Firmware
NA
CVE-2022-37022
Apache Geode versions up to 1.12.2 and 1.13.2 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 11. Any user wishing to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15. Use of 1.15 on Java 1...
Apache Geode
NA
CVE-2024-20311
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. A...
4.3
CVSSv2
CVE-2014-3262
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and previous versions and IOS XE does not properly validate parameters in ITR control messages, which allows remote malicious users to cause a denial of service (CEF outage and packet drops) via malfor...
Cisco Ios 15.3m
Cisco Ios 15.3\\(3\\)m
Cisco Ios
Cisco Ios 15.3s
Cisco Ios Xe -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »