Vulmon
web server vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-28769
The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated malicious user to execute some OS commands or to cause denial-of-s...
Zyxel Dx5401-b0 Firmware
9.8
CVSSv3
CVE-2023-29268
The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote malicious user to upload or modify arbitrary files within the web server directory on the affected system. Affected releases ...
Tibco Spotfire Statistics Services 11.6.0
Tibco Spotfire Statistics Services 11.6.1
Tibco Spotfire Statistics Services 11.6.2
Tibco Spotfire Statistics Services 11.7.0
Tibco Spotfire Statistics Services 11.8.0
Tibco Spotfire Statistics Services 11.8.1
Tibco Spotfire Statistics Services 12.0.0
Tibco Spotfire Statistics Services 12.0.1
Tibco Spotfire Statistics Services 12.0.2
Tibco Spotfire Statistics Services 12.1.0
Tibco Spotfire Statistics Services 12.2.0
Tibco Spotfire Statistics Services 11.5.0
Tibco Spotfire Statistics Services
9.8
CVSSv3
CVE-2023-28489
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation”...
Siemens Cp-8031 Firmware
Siemens Cp-8050 Firmware
9.8
CVSSv3
CVE-2023-26068
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Lexmark Cxtpc Firmware
Lexmark Cstpc Firmware
Lexmark Mxtct Firmware
Lexmark Mxtpm Firmware
Lexmark Cxtmm Firmware
Lexmark Mslsg Firmware
Lexmark Mxlsg Firmware
Lexmark Mslbd Firmware
Lexmark Mxlbd Firmware
Lexmark Msngm Firmware
Lexmark Mxngm Firmware
Lexmark Mxtgm Firmware
Lexmark Msngw Firmware
Lexmark Mstgw Firmware
Lexmark Mxtgw Firmware
Lexmark Cslbn Firmware
Lexmark Cslbl Firmware
Lexmark Cxlbn Firmware
Lexmark Cxlbl Firmware
Lexmark Csnzj Firmware
Lexmark Cxtzj Firmware
Lexmark Cxnzj Firmware
9.8
CVSSv3
CVE-2022-36974
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists ...
Ivanti Avalanche
9.8
CVSSv3
CVE-2022-45460
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a system reboot....
Xiongmaitech Nbd6808t-pl Firmware 4.02.r11.c7431119.12001.130000.00000
Xiongmaitech Mbd6304t Firmware 4.02.r11.00000117.10001.131900.00000
9.8
CVSSv3
CVE-2023-0598
GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow a malicious user to insert malicious configuration files in the expected web server execution path and gain full control of the HMI sof...
Ge Ifix 6.5
Ge Ifix 2022
Ge Ifix 6.1
9.8
CVSSv3
CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service ...
Osgeo Geoserver
8 Github repositories
9.8
CVSSv3
CVE-2023-21716
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word 2013
Microsoft Office Web Apps 2013
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Office Online Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Office 2019
Microsoft Office Long Term Servicing Channel 2021
Microsoft Sharepoint Server -
11 Github repositories
9.8
CVSSv3
CVE-2022-3089
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow a malicious user to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user ...
Echelon I.lon Vision 2.2