Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-member vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36826
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a ...
Sentry Sentry
580
VMScore
CVE-2020-13443
ExpressionEngine prior to 5.3.2 allows remote malicious users to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type chec...
Expressionengine Expressionengine
625
VMScore
CVE-2007-0467
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.
Apple Mac Os X 10.4.8
1 EDB exploit
481
VMScore
CVE-2012-0875
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an...
Systemtap Systemtap 1.7
Systemtap Systemtap 1.6.7
392
VMScore
CVE-2018-1214
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains even after an upgrade from v1.1 to v1.2. Access to the manag...
Dell Emc Supportassist Enterprise 1.1
641
VMScore
CVE-2019-14510
An issue exists in Kaseya VSA RMM up to and including 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx (e.g., FSAdmin123456789) on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. T...
Kaseya Vsa
890
VMScore
CVE-2004-0450
Format string vulnerability in the printlog function in log2mail prior to 0.2.5.2 allows local users or remote malicious users to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
Log2mail Log2mail 0.2.5.0
Log2mail Log2mail 0.2.5.1
Log2mail Log2mail 0.2.2.2
Log2mail Log2mail 0.2.5.2
NA
CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote malicious user to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a...
Cisco Network Services Orchestrator
Cisco Network Services Orchestrator 5.8
NA
CVE-2023-23612
OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider (IdP) when the authentication backend is SAML or OpenID Connect. There is an issue in how those claims are processed from the JWTs whe...
Amazon Opensearch
NA
CVE-2024-32473
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`. An con...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »