Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t. weber vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2018-12980
An issue exists on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.
Wago 762-3000 Firmware
Wago 762-3001 Firmware
Wago 762-3002 Firmware
Wago 762-3003 Firmware
1 EDB exploit
355
VMScore
CVE-2018-12981
An issue exists on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability can be exploited by authenticated and unauthenticated users by sending special crafted requests to the web server allowing injecting code within the WBM. The code wil...
Wago 762-3000 Firmware
Wago 762-3001 Firmware
Wago 762-3002 Firmware
Wago 762-3003 Firmware
1 EDB exploit
383
VMScore
CVE-2021-39243
Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
NA
CVE-2023-3526
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions before 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX before 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of th...
Phoenixcontact Cloud Client 1101t-tx Firmware
Phoenixcontact Tc Cloud Client 1002-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
NA
CVE-2023-3569
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions before 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX before 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.
Phoenixcontact Cloud Client 1101t-tx Firmware
Phoenixcontact Tc Cloud Client 1002-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
NA
CVE-2022-39837
An issue exists in Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to and including 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
Genivi Diagnostic Log And Trace
NA
CVE-2022-39836
An issue exists in Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to and including 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of o...
Genivi Diagnostic Log And Trace
NA
CVE-2022-31213
An issue exists in dbus-broker prior to 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.
Dbus-broker Project Dbus-broker
NA
CVE-2022-31212
An issue exists in dbus-broker prior to 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
Dbus-broker Project Dbus-broker
755
VMScore
CVE-2012-4412
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overf...
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.14
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.12.1
Gnu Glibc 2.0.1
Gnu Glibc 2.14.1
Gnu Glibc 2.11.2
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.16
Gnu Glibc
Gnu Glibc 2.11.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »