Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38960
Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build 4005 allows a local malicious user to gain privileges and execute arbitrary code via crafted executable running from the installation directory.
6.5
CVSSv3
CVE-2024-21356
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows 11 23h2
Microsoft Windows 10 22h2
Microsoft Windows 11 22h2
Microsoft Windows 10 21h2
Microsoft Windows 11 21h2
Microsoft Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 1809
Microsoft Windows 10 1607
Microsoft Windows 10 1507
7.8
CVSSv3
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions before 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vu...
Dell Encryption
Dell Endpoint Security Suite Enterprise
Dell Security Management Server
4.3
CVSSv3
CVE-2024-0380
The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. This makes it possible for authenticated attackers, with contributor-level access and above, to include...
Bootstrapped Wp Recipe Maker
7.2
CVSSv3
CVE-2024-0221
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated malicious users to rename arbitrary files...
10web Photo Gallery
7.5
CVSSv3
CVE-2024-24756
Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the `lib/public/` directory can be requested from the server. Instances running behind Cloudflare (including crafatar.com) are not affected. Instances using the Docker container...
Crafatar Crafatar
8.8
CVSSv3
CVE-2023-36496
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.
Pingidentity Pingdirectory
Pingidentity Pingdirectory 9.2.0.1
Pingidentity Pingdirectory 9.3.0.0
Pingidentity Pingdirectory 9.3.0.1
Pingidentity Pingdirectory 9.2.0.0
7.5
CVSSv3
CVE-2024-23334
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determi...
Aiohttp Aiohttp
Fedoraproject Fedora 39
6 Github repositories
1 Article
9.8
CVSSv3
CVE-2024-23822
Thruk is a multibackend monitoring webinterface. before 3.12, the Thruk web monitoring application presents a vulnerability in a file upload form that allows a threat actor to arbitrarily upload files to the server to any path they desire and have permissions for. This vulnerabil...
Thruk Thruk
4.9
CVSSv3
CVE-2024-0697
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. This makes it possible for attackers with administrator pri...
Softaculous Backuply
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »