Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sense of security vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2019-9463
In Platform, there is a possible bypass of user interaction requirements due to background app interception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: And...
Google Android 10.0
2 Github repositories
5.5
CVSSv3
CVE-2018-9548
In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android....
Google Android 7.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 8.0
Google Android 8.1
Google Android 9.0
3 Github repositories
NA
CVE-2011-2577
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote malicious users to cause a denial of service (crash) via a crafted SIP packet to port 5060 or ...
Cisco Telepresence Codec C40
Cisco Telepresence Ex90
Cisco Telepresence Ex60
Cisco Telepresence Codec C60
Cisco Telepresence Codec C90
Cisco Telepresence C Series Software
Cisco Telepresence C Series Software Tc3.1.2
Cisco Telepresence C Series Software Tc3.1.1
Cisco Telepresence C Series Software Tc3.1.3
Cisco Telepresence C Series Software Tc3.1.0
Cisco Telepresence C Series Software Tc3.0.0
Cisco Telepresence 9000 Mxp
Cisco Telepresence 6000 Mxp
Cisco Telepresence Mxp Software F9.0.1
Cisco Telepresence Mxp Software F9.0.2
Cisco Telepresence Mxp Software F8.2
Cisco Telepresence Mxp Software F9.0
Cisco Telepresence E20
Cisco Telepresence E20 Software Te2.2.1
1 EDB exploit
NA
CVE-2011-2543
Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process crash) or possibly execute arbitrary code via a long location parameter to the getx...
Cisco Telepresence Codec C40
Cisco Telepresence Codec C90
Cisco Telepresence Codec C60
Cisco Telepresence C Series Software Tc4.1.0
Cisco Telepresence C Series Software Tc4.1.1
Cisco Telepresence C Series Software Tc4.1.2
Cisco Telepresence C Series Software Tc4.0.1
Cisco Telepresence C Series Software Tc4.0.4
Cisco Telepresence C Series Software Tc4.0.0
1 EDB exploit
NA
CVE-2011-2544
Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via a crafted Call ID, as demonstrated by resultant cross-site request forgery...
Cisco Telepresence System 1000 Mxp
Cisco Telepresence System 1700 Mxp
Cisco Telepresence Mxp Software F9.0.1
Cisco Telepresence Mxp Software F9.0.2
Cisco Telepresence Mxp Software
Cisco Telepresence Mxp Software F8.2
Cisco Telepresence Mxp Software F9.0
1 EDB exploit
NA
CVE-2009-3418
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit_...
Plume-cms Plume Cms 1.2.3
1 EDB exploit
NA
CVE-2011-2260
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Administration.
Oracle Sun Products Suite 2.1.1
1 EDB exploit
NA
CVE-2011-0966
Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.
Cisco Ciscoworks Common Services 2.2
Cisco Ciscoworks Common Services
Cisco Ciscoworks Common Services 3.0.6
Cisco Ciscoworks Common Services 3.0.4
Cisco Ciscoworks Common Services 3.2
Cisco Ciscoworks Common Services 1.0
Cisco Ciscoworks Common Services 3.1.1
Cisco Ciscoworks Common Services 3.0
Cisco Ciscoworks Common Services 3.1
Cisco Ciscoworks Common Services 3.0.3
Cisco Ciscoworks Common Services 3.0.5
2 EDB exploits
NA
CVE-2013-6618
jsdm/ajax/port.php in J-Web in Juniper Junos prior to 10.4R13, 11.4 prior to 11.4R7, 12.1 prior to 12.1R5, 12.2 prior to 12.2R3, and 12.3 prior to 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.
Juniper Junos 10.3
Juniper Junos 10.2
Juniper Junos 10.1
Juniper Junos 12.1
Juniper Junos
Juniper Junos 11.4
Juniper Junos 12.3
Juniper Junos 12.2
Juniper Junos 10.0
1 EDB exploit
NA
CVE-2009-2783
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) op parameter to modules/pm/viewpmsg.php and (2) query string to modules/profile/user.php.
Xoops Xoops 2.3.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »