Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
discovery vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-28079
College Management System v1.0 exists to contain a SQL injection vulnerability via the course_code parameter.
College Management System Project College Management System 1.0
8.8
CVSSv3
CVE-2021-22966
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate to being an administrator with a specially crafted curl. Fixed by addi...
Concretecms Concrete Cms
8.8
CVSSv3
CVE-2021-34779
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly ...
Cisco Business 220-8t-e-2g Firmware
Cisco Business 220-8p-e-2g Firmware
Cisco Business 220-8fp-e-2g Firmware
Cisco Business 220-16t-2g Firmware
Cisco Business 220-16p-2g Firmware
Cisco Business 220-24t-4g Firmware
Cisco Business 220-24p-4g Firmware
Cisco Business 220-24fp-4g Firmware
Cisco Business 220-48t-4g Firmware
Cisco Business 220-48p-4g Firmware
Cisco Business 220-24t-4x Firmware
Cisco Business 220-24p-4x Firmware
Cisco Business 220-24fp-4x Firmware
Cisco Business 220-48t-4x Firmware
Cisco Business 220-48p-4x Firmware
Cisco Business 220-48fp-4x Firmware
8.8
CVSSv3
CVE-2021-34780
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly ...
Cisco Business 220-8t-e-2g Firmware
Cisco Business 220-8p-e-2g Firmware
Cisco Business 220-8fp-e-2g Firmware
Cisco Business 220-16t-2g Firmware
Cisco Business 220-16p-2g Firmware
Cisco Business 220-24t-4g Firmware
Cisco Business 220-24p-4g Firmware
Cisco Business 220-24fp-4g Firmware
Cisco Business 220-48t-4g Firmware
Cisco Business 220-48p-4g Firmware
Cisco Business 220-24t-4x Firmware
Cisco Business 220-24p-4x Firmware
Cisco Business 220-24fp-4x Firmware
Cisco Business 220-48t-4x Firmware
Cisco Business 220-48p-4x Firmware
Cisco Business 220-48fp-4x Firmware
8.8
CVSSv3
CVE-2021-1309
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or d...
Cisco Rv132w Firmware 1.0.0.14
Cisco Rv132w Firmware 1.0.1.14
Cisco Rv132w Firmware 1.0.1.20
Cisco Rv134w Firmware 1.0.0.14
Cisco Rv134w Firmware 1.0.1.14
Cisco Rv134w Firmware 1.0.1.20
Cisco Rv160 Firmware 1.0.0.14
Cisco Rv160 Firmware 1.0.1.14
Cisco Rv160 Firmware 1.0.1.20
Cisco Rv160w Firmware 1.0.0.14
Cisco Rv160w Firmware 1.0.1.14
Cisco Rv160w Firmware 1.0.1.20
Cisco Rv260 Firmware 1.0.0.14
Cisco Rv260 Firmware 1.0.1.14
Cisco Rv260 Firmware 1.0.1.20
Cisco Rv260p Firmware 1.0.0.14
Cisco Rv260p Firmware 1.0.1.14
Cisco Rv260p Firmware 1.0.1.20
Cisco Rv260w Firmware 1.0.0.14
Cisco Rv260w Firmware 1.0.1.14
Cisco Rv260w Firmware 1.0.1.20
Cisco Rv340 Firmware 1.0.0.14
8.8
CVSSv3
CVE-2020-26217
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote malicious user to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Se...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Snapmanager
Netapp Snapmanager -
Apache Activemq 5.15.4
Oracle Banking Platform 2.4.0
Oracle Communications Policy Management 12.5.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Banking Virtual Account Management 14.2.0
Oracle Banking Virtual Account Management 14.5.0
Oracle Banking Cash Management 14.2
Oracle Banking Cash Management 14.3
6 Github repositories
8.8
CVSSv3
CVE-2020-28648
Improper input validation in the Auto-Discovery component of Nagios XI prior to 5.7.5 allows an authenticated malicious user to execute remote code.
Nagios Nagios Xi
8.8
CVSSv3
CVE-2020-25538
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server.
Cmsuno Project Cmsuno 1.6.2
1 Github repository
8.8
CVSSv3
CVE-2020-25557
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can r...
Cmsuno Project Cmsuno 1.6.2
1 Github repository
8.8
CVSSv3
CVE-2020-3544
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent malicious user to execute arbitrary code on an affected device or cause the device to reload. This vulnerability is due to m...
Cisco 8000p Ip Camera Firmware 1.0.9-4
Cisco 8020 Ip Camera Firmware 1.0.9-4
Cisco 8030 Ip Camera Firmware 1.0.9-4
Cisco 8070 Ip Camera Firmware 1.0.9-4
Cisco 8400 Ip Camera Firmware 1.0.9-4
Cisco 8620 Ip Camera Firmware 1.0.9-4
Cisco 8630 Ip Camera Firmware 1.0.9-4
Cisco 8930 Speed Dome Ip Camera Firmware 1.0.9-4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »