Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abuse vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2021-41635
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote malicious users to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.
Melag Ftp Server 2.2.0.4
383
VMScore
CVE-2017-3969
Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) prior to 8.2.7.42.2 allows man-in-the-middle malicious users to decrypt messages via an inadequate implementation of SSL.
Mcafee Network Security Manager
668
VMScore
CVE-2021-3832
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. An unauthenticated attacker could abuse the AsyncUpload() function in order to exploit the vulnerability.
Artica Integria Ims 5.0.92
NA
CVE-2022-37703
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the atta...
Amanda Amanda 3.5.1
578
VMScore
CVE-2017-3770
Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
Lenovo Xclarity Administrator
409
VMScore
CVE-2020-28572
A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege.
Trendmicro Apex One 2019
312
VMScore
CVE-2019-3641
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages.
Mcafee Threat Intelligence Exchange Server 3.0.0
NA
CVE-2023-42508
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.
Jfrog Artifactory
NA
CVE-2022-27535
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker.
Kaspersky Vpn Secure Connection
668
VMScore
CVE-2020-27172
An issue exists in G-Data prior to 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges.
Gdatasoftware G Data
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »