Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2020-13425
TrackR devices through 2020-05-06 allow malicious users to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.
Thetrackr Trackr Firmware
9.8
CVSSv3
CVE-2022-45462
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher
Apache Dolphinscheduler
5.3
CVSSv3
CVE-2022-48296
The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices.
Huawei Harmonyos 2.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Harmonyos 2.1
Huawei Harmonyos 3.0.0
Huawei Emui 12.0.1
7.5
CVSSv3
CVE-2022-38744
An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages struc...
Rockwellautomation Factorytalk Alarms And Events -
7.5
CVSSv3
CVE-2020-22650
A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events.
Att Alienvault Ossim 5.0
8.8
CVSSv3
CVE-2020-7058
data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -> Data Input Methods -> Unix -> Ping Host. NOTE: the vendor has stated "This is a false alarm.
Cacti Cacti 1.2.8
2.4
CVSSv3
CVE-2018-4123
An issue exists in certain Apple products. iOS prior to 11.3 is affected. The issue involves alarm and timer handling in the "Clock" component. It allows physically proximate malicious users to discover the iTunes e-mail address.
Apple Iphone Os
9.1
CVSSv3
CVE-2020-14158
The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. This makes it easier to conduct wAppLoxx authentication-bypass attacks.
Abus Secvest Hybrid Fumo50110 Firmware -
9.8
CVSSv3
CVE-2023-1256
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states.
Aveva Telemetry Server 2020r2
Aveva Aveva Plant Scada 2020r2
Aveva Aveva Plant Scada 2023
5.3
CVSSv3
CVE-2021-40171
The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an malicious user to block legitimate traffic while not alerting the owner of the system.
Securitashome Securitashome Alarm System Firmware Hpgw-g 0.0.2.23f Bg U-itr-f1-bd Bl.a30.20181117
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »