Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-0502
A Unix account has a default, null, blank, or missing password.
Sun Sunos 5.7
Hp Hp-ux 11
Sun Sunos 5.8
Sun Sunos 5.5.1
Hp Hp-ux 10.20
Redhat Linux 6.0
Sun Solaris 2.6
1 EDB exploit
9.3
CVSSv2
CVE-2012-2288
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 prior to 7.6.4.1, and 8.0 prior to 8.0.0.1, allows remote malicious users to execute arbitrary code via format string specifiers in a message.
Emc Networker 7.6.4
Emc Networker 8.0
Emc Networker 7.6.3
1 EDB exploit
6.8
CVSSv2
CVE-2011-1571
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote malicious users to execute arbitrary commands via unknown vectors.
Liferay Liferay Portal
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2018-6849
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
Duckduckgo Duckduckgo 4.2.0
1 EDB exploit
6.5
CVSSv2
CVE-2019-10669
An issue exists in LibreNMS up to and including 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user supplied parameters are filtered with the mysqli_escape_real_string function. This function is not the appropriate function ...
Librenms Librenms
1 EDB exploit
7.5
CVSSv2
CVE-2014-3789
GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub prior to 7.3.5 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Cogentdatahub Cogent Datahub 7.3.0
Cogentdatahub Cogent Datahub 7.0
Cogentdatahub Cogent Datahub 7.3.1
Cogentdatahub Cogent Datahub 7.2.2
Cogentdatahub Cogent Datahub 7.1.2
Cogentdatahub Cogent Datahub
Cogentdatahub Cogent Datahub 7.3.2
Cogentdatahub Cogent Datahub 7.1.0
Cogentdatahub Cogent Datahub 7.0.2
Cogentdatahub Cogent Datahub 7.1.1.63
Cogentdatahub Cogent Datahub 7.1.1
Cogentdatahub Cogent Datahub 7.3.3
1 EDB exploit
7.5
CVSSv2
CVE-2013-5036
The Square Squash allows remote malicious users to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.
Squash Square Squash -
1 EDB exploit
6.5
CVSSv2
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab-shell
Gitlab Gitlab-shell 1.4.0
Gitlab Gitlab-shell 1.2.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.4.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.1.0
1 EDB exploit
9.3
CVSSv2
CVE-2016-4656
The kernel in Apple iOS prior to 9.3.5 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Apple Iphone Os
1 EDB exploit
11 Github repositories
6.8
CVSSv2
CVE-2013-4212
Certain getText methods in the ActionSupport controller in Apache Roller prior to 5.0.2 allow remote malicious users to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login...
Apache Roller 4.0
Apache Roller 4.0.1
Apache Roller
Apache Roller 5.0
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »