Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote support vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-8597
eap.c in pppd in ppp 2.4.2 up to and including 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Point-to-point Protocol Project Point-to-point Protocol
Wago Pfc Firmware
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
6 Github repositories
9.8
CVSSv3
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Steelstore -
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Mysql Server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-5482
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Http Server 12.2.1.4.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
9.8
CVSSv3
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Openshift Container Platform 4.1
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 3.11
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
1 Github repository
9.8
CVSSv3
CVE-2019-13352
WolfVision Cynap prior to 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN pass...
Wolfvision Cynap
9.8
CVSSv3
CVE-2019-11185
The WP Live Chat Support Pro plugin up to and including 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjun...
3cx Live Chat
9.8
CVSSv3
CVE-2019-12310
ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote malicious users to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time ...
Exagrid Backup Appliance Firmware 48.1.1044.p50
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits
2 Metasploit modules
172 Github repositories
10 Articles
9.8
CVSSv3
CVE-2019-1723
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote malicious user to access an affected device by using an account that has a default, static password. This account does not have administrator privileges. The vulnerabilit...
Cisco Common Services Platform Collector
9.8
CVSSv3
CVE-2018-15439
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote malicious user to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a pr...
Cisco Sg200-50 Firmware -
Cisco Sg200-50p Firmware -
Cisco Sg200-50fp Firmware -
Cisco Sg200-26 Firmware -
Cisco Sg200-26p Firmware -
Cisco Sg200-26fp Firmware -
Cisco Sg200-18 Firmware -
Cisco Sg200-10fp Firmware -
Cisco Sg200-08 Firmware -
Cisco Sg200-08p Firmware -
Cisco Sf200-24 Firmware -
Cisco Sf200-24p Firmware -
Cisco Sf200-24fp Firmware -
Cisco Sf200-48 Firmware -
Cisco Sf200-48p Firmware -
Cisco Sf302-08pp Firmware -
Cisco Sf302-08mpp Firmware -
Cisco Sg300-10pp Firmware -
Cisco Sg300-10mpp Firmware -
Cisco Sf300-24pp Firmware -
Cisco Sf300-48pp Firmware -
Cisco Sg300-28pp Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »