Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t. weber vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
7.5
CVSSv3
CVE-2016-1234
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) prior to 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent malicious users to cause a denial of service (crash) via a long name.
Gnu Glibc
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
9.1
CVSSv3
CVE-2023-5376
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
Korenix Jetnet 5310g Firmware 2.6
Korenix Jetnet 4508 Firmware 2.3
Korenix Jetnet 4508i-w Firmware 1.3
Korenix Jetnet 4508-w Firmware 2.3
Korenix Jetnet 4508if-s Firmware 1.3
Korenix Jetnet 4508if-m Firmware 1.3
Korenix Jetnet 4508if-sw Firmware 1.3
Korenix Jetnet 4508if-mw Firmware 1.3
Korenix Jetnet 4508f-m Firmware 2.3
Korenix Jetnet 4508f-s Firmware 2.3
Korenix Jetnet 4508f-mw Firmware 2.3
Korenix Jetnet 4508f-sw Firmware 2.3
Korenix Jetnet 5620g-4c Firmware 1.1
Korenix Jetnet 5612gp-4f Firmware 1.2
Korenix Jetnet 5612g-4f Firmware 1.2
Korenix Jetnet 5728g-24p-ac-2dc-us Firmware 2.1
Korenix Jetnet 5728g-24p-ac-2dc-eu Firmware 2.1
Korenix Jetnet 6528gf-2ac-eu Firmware 1.0
Korenix Jetnet 6528gf-2ac-us Firmware 1.0
Korenix Jetnet 6528gf-2dc24 Firmware 1.0
Korenix Jetnet 6528gf-2dc48 Firmware 1.0
Korenix Jetnet 6528gf-ac-eu Firmware 1.0
8.8
CVSSv3
CVE-2023-2575
Advantech EKI-1524, EKI-1522, EKI-1521 devices up to and including 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request.
Advantech Eki-1521 Firmware
Advantech Eki-1522 Firmware
Advantech Eki-1524 Firmware
8.8
CVSSv3
CVE-2023-2573
Advantech EKI-1524, EKI-1522, EKI-1521 devices up to and including 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request.
Advantech Eki-1521 Firmware
Advantech Eki-1522 Firmware
Advantech Eki-1524 Firmware
9.1
CVSSv3
CVE-2023-5347
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
Korenix Jetnet 5310g Firmware 2.6
Korenix Jetnet 4508 Firmware 2.3
Korenix Jetnet 4508i-w Firmware 1.3
Korenix Jetnet 4508-w Firmware 2.3
Korenix Jetnet 4508if-s Firmware 1.3
Korenix Jetnet 4508if-m Firmware 1.3
Korenix Jetnet 4508if-sw Firmware 1.3
Korenix Jetnet 4508if-mw Firmware 1.3
Korenix Jetnet 4508f-m Firmware 2.3
Korenix Jetnet 4508f-s Firmware 2.3
Korenix Jetnet 4508f-mw Firmware 2.3
Korenix Jetnet 4508f-sw Firmware 2.3
Korenix Jetnet 5620g-4c Firmware 1.1
Korenix Jetnet 5612gp-4f Firmware 1.2
Korenix Jetnet 5612g-4f Firmware 1.2
Korenix Jetnet 5728g-24p-ac-2dc-us Firmware 2.1
Korenix Jetnet 5728g-24p-ac-2dc-eu Firmware 2.1
Korenix Jetnet 6528gf-2ac-eu Firmware 1.0
Korenix Jetnet 6528gf-2ac-us Firmware 1.0
Korenix Jetnet 6528gf-2dc24 Firmware 1.0
Korenix Jetnet 6528gf-2dc48 Firmware 1.0
Korenix Jetnet 6528gf-ac-eu Firmware 1.0
8.8
CVSSv3
CVE-2023-2574
Advantech EKI-1524, EKI-1522, EKI-1521 devices up to and including 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request.
Advantech Eki-1521 Firmware
Advantech Eki-1522 Firmware
Advantech Eki-1524 Firmware
8.8
CVSSv3
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
7.5
CVSSv3
CVE-2021-39245
Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0,...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
6.5
CVSSv3
CVE-2018-12979
An issue exists on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestricted file upload in the WBM.
Wago 762-3000 Firmware
Wago 762-3001 Firmware
Wago 762-3002 Firmware
Wago 762-3003 Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »