Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tools vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv2
CVE-2011-3590
The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x prior to 1.102pre-154 and 2.x prior to 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent malicious us...
Redhat Kexec-tools
7.5
CVSSv2
CVE-2022-25865
The package workspace-tools prior to 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subc...
Microsoft Workspace-tools
1 Github repository
3.6
CVSSv2
CVE-2015-0267
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools prior to 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Redhat Kexec-tools
6.8
CVSSv2
CVE-2021-21415
Prisma VS Code a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by do...
Prisma Language-tools
2.1
CVSSv2
CVE-2021-25316
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local malicious users to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions before 2.1.0-18...
Suse S390-tools
6.9
CVSSv2
CVE-2013-1495
asr in Oracle Auto Service Request in Oracle Support Tools prior to 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp.
Oracle Support Tools
5
CVSSv2
CVE-2014-4007
The SAP Upgrade tools for ABAP has hardcoded credentials, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Sap Upgrade Tools -
NA
CVE-2023-48631
@adobe/css-tools versions 4.3.1 and previous versions are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.
Adobe Css-tools
10
CVSSv2
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
5.7
CVSSv2
CVE-2011-3588
The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x prior to 1.102pre-154 and 2.x prior to 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle malicious u...
Redhat Kexec-tools
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »