Vulmon
concept vulnerabilities and exploits
4.3
CVSSv2
CVE-2018-25031
Swagger UI prior to 4.1.3 could allow a remote malicious user to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
Smartbear Swagger Ui
9 Github repositories
5.8
CVSSv2
CVE-2011-2260
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Administration.
Oracle Sun Products Suite 2.1.1
1 EDB exploit
5
CVSSv2
CVE-2020-5183
FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. This memory corruption bug can possibly be classified as a NULL pointer dereference.
Ftpgetter Ftpgetter 5.97.0.223
NA
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI up to and including 10.0.2 allows PHP code injection.
Glpi-project Glpi
12 Github repositories
10
CVSSv2
CVE-2010-1318
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x up to and including 13.x and other products, allows remote malicious users to execute arbitrary code via unspecified vectors.
Realnetworks Helix Server 11.0
Realnetworks Helix Server Mobile 12.0.0
Realnetworks Helix Server Mobile 13.0.0
Realnetworks Helix Server 11.1
Realnetworks Helix Mobile Server
Realnetworks Helix Server 12.0.1
Realnetworks Helix Server Mobile 11.0
Realnetworks Helix Server
Realnetworks Helix Server 12.0.0
2 EDB exploits
4.6
CVSSv2
CVE-2015-2572
Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and previous versions, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
Oracle Hyperion Smart View For Office
1 EDB exploit
7.9
CVSSv2
CVE-2016-7454
CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows a malicious user to change the Wi-Fi password, open the remote management interface, or reset the router.
Technicolor Xfinity Gateway Router Dpc3941t Firmware Dpc3941-p20-18-v303r20421733-160413a-cmcst
1 EDB exploit
10
CVSSv2
CVE-2011-0922
The client in HP Data Protector allows remote malicious users to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
Hp Data Protector
3 EDB exploits
7.8
CVSSv2
CVE-2019-11415
An issue exists on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote malicious users to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
Intelbras Iwr 3000n Firmware 1.5.0
1 EDB exploit
10
CVSSv2
CVE-2009-0183
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote malicious users to execute arbitrary code via a long Authorization header in an HTTP request.
Free Download Manager Free Download Manager 3.0
Free Download Manager Free Download Manager 2.5
2 EDB exploits