Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
2.9
CVSSv2
CVE-2013-1575
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x prior to 1.6.13 and 1.8.x prior to 1.8.5 does not properly handle a certain alarm length, which allows remote malicious users to cause a denial of service (infini...
Wireshark Wireshark 1.6.4
Wireshark Wireshark 1.6.2
Wireshark Wireshark 1.6.3
Wireshark Wireshark 1.6.10
Wireshark Wireshark 1.6.11
Wireshark Wireshark 1.6.6
Wireshark Wireshark 1.6.7
Wireshark Wireshark 1.6.0
Wireshark Wireshark 1.6.1
Wireshark Wireshark 1.6.8
Wireshark Wireshark 1.6.9
Wireshark Wireshark 1.6.5
Wireshark Wireshark 1.6.12
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.3
Wireshark Wireshark 1.8.4
Wireshark Wireshark 1.8.0
NA
CVE-2023-1751
The listed versions of Nexx Smart Home devices use a WebSocket server that does not validate if the bearer token in the Authorization header belongs to the device attempting to associate. This could allow any authorized user to receive alarm information and signals meant for othe...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
1.9
CVSSv2
CVE-2019-5213
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the malicious user to modify the alarm clock setti...
Huawei Honor Play Firmware
4.6
CVSSv2
CVE-2020-27030
In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege that allows an app to set or dismiss the alarm with no additional execution privileges needed. User interaction is not needed for e...
Google Android 11.0
5
CVSSv2
CVE-2011-3008
The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote malicious users to obtain sensitive information by leveraging administr...
Avaya Secure Access Link Gateway 1.5
Avaya Secure Access Link Gateway 1.8
Avaya Secure Access Link Gateway 2.0
2.1
CVSSv2
CVE-2008-3777
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obta...
Avaya Sip Enablement Services 5.0
Avaya Communication Manager 5.0
7.5
CVSSv2
CVE-2018-10620
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with ...
Aveva Intouch Machine 2017 8.1
Aveva Indusoft Web Studio 8.1
9
CVSSv2
CVE-2021-43075
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows malicious user to execute unauthorized code or com...
Fortinet Fortiwlm
1.9
CVSSv2
CVE-2004-2713
Zone Alarm Pro 1.0 up to and including 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that...
Zonelabs Zonealarm 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »