Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote unauthenticated malicious user to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the...
Mcafee Database Security
10
CVSSv2
CVE-2021-21985
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute com...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
15 Github repositories
1 Article
10
CVSSv2
CVE-2021-21986
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Github repository
1 Article
10
CVSSv2
CVE-2020-24918
A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated malicious user to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.s...
Ambarella Oryx Rtsp Server 2020-01-07
1 Github repository
10
CVSSv2
CVE-2021-28481
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Article
10
CVSSv2
CVE-2021-28480
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Github repository
1 Article
10
CVSSv2
CVE-2020-27227
An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific parameter to trigger this vulnerability, po...
Openclinic Ga Project Openclinic Ga 5.173.3
10
CVSSv2
CVE-2021-22986
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3 amd BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-iq Centralized Management
F5 Ssl Orchestrator
1 Metasploit module
23 Github repositories
2 Articles
10
CVSSv2
CVE-2020-1946
In Apache SpamAssassin prior to 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use...
Apache Spamassassin
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
10
CVSSv2
CVE-2020-24264
Portainer 1.24.1 and previous versions is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mo...
Portainer Portainer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »