Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27572
An issue exists in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability exists in the https_redirect.php web page via the page parameter.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
516
VMScore
CVE-2018-11476
An issue exists on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication.
Vgate Icar 2 Wi-fi Obd2 Firmware -
294
VMScore
CVE-2018-11477
An issue exists on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car da...
Vgate Icar 2 Wi-fi Obd2 Firmware -
516
VMScore
CVE-2018-11478
An issue exists on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line / car). No...
Vgate Icar 2 Wi-fi Obd2 Firmware -
312
VMScore
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS.
Saltosystem Proaccess Space
445
VMScore
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
Saltosystem Proaccess Space
668
VMScore
CVE-2019-19459
An issue exists in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an malicious user to execute arbitrary commands o...
Saltosystem Proaccess Space
587
VMScore
CVE-2019-19460
An issue exists in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically ab...
Saltosystem Proaccess Space
570
VMScore
CVE-2018-17919
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
Xiongmaitech Xmeye P2p Cloud Server
NA
CVE-2022-26479
An issue exists in Poly EagleEye Director II prior to 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication.
Poly Eagleeye Director Ii Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »