Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coresecurity.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-09803
Publish-It is prone to a (client side) security vulnerability when processing .PUI files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of Publish-It to open a specially crafted .PUI file. Version ...
NA
CVE-2011-18663
Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sendi...
NA
CVE-2010-3273
ZOHO ManageEngine ADSelfService Plus prior to 4.5 Build 4500 allows remote malicious users to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password to accounts/ResetResul...
Zohocorp Manageengine Adselfservice Plus
NA
CVE-2010-32743
Core Security Technologies Advisory - ManageEngine ADSelfService Plus version 4.4 suffers from authentication bypass, protection mechanism failure, and cross site scripting vulnerabilities.
NA
CVE-2010-3329
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote malicious users to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerabili...
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
1 EDB exploit
NA
CVE-2014-86123
Core Security Technologies Advisory - Multiple vulnerabilities have been found in the FreeBSD kernel code that implements the vt console driver (previously known as Newcons) and the code that implements SCTP sockets. These vulnerabilities could allow local unprivileged attackers ...
5.5
CVSSv3
CVE-2018-18537
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes a path to write an arbitrary DWORD to an arbitrary address.
Asus Aura Sync Firmware 1.07.22
8.8
CVSSv3
CVE-2016-1491
The Wifi hotspot in Lenovo SHAREit prior to 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote malicious users to obtain access by leveraging a position within the WLAN coverage area.
Lenovo Shareit
1 Article
NA
CVE-2010-1931
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 up to and including 4.3.9 allows remote malicious users to execute arbitrary SQL commands via the shipKey parameter to index.php.
Cubecart Cubecart 4.3.4
Cubecart Cubecart 4.3.5
Cubecart Cubecart 4.3.6
Cubecart Cubecart 4.3.9
Cubecart Cubecart 4.3.7
Cubecart Cubecart 4.3.8
1 EDB exploit
NA
CVE-2015-22803
Core Security Technologies Advisory - The AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera is vulnerable to an OS command injection vulnerability in the snwrite.cgi binary.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »