Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-30781
Gitea prior to 1.16.7 does not escape git fetch remote.
Gitea Gitea
2 Github repositories
NA
CVE-2023-1133
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated mal...
Deltaww Infrasuite Device Master
NA
CVE-2024-1708
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
Connectwise Screenconnect
2 Github repositories
10 Articles
9.3
CVSSv2
CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote malicious users to execute arbitrary code via a crafted TIFF image, as demonst...
Microsoft Office 2010
Microsoft Office 2007
Microsoft Office 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Lync Basic 2013
1 EDB exploit
2 Github repositories
5 Articles
9
CVSSv2
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the compone...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
NA
CVE-2023-29357
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft Sharepoint Server 2019
4 Github repositories
3 Articles
5.1
CVSSv2
CVE-2006-2447
SpamAssassin prior to 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote malicious users to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
Apache Spamassassin 3.1.2
Apache Spamassassin 3.1.0
Apache Spamassassin 3.1.1
2 EDB exploits
7.2
CVSSv2
CVE-2013-1300
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local ...
Microsoft Windows Server 2008
Microsoft Windows Rt -
Microsoft Windows Xp -
Microsoft Windows 8 -
Microsoft Windows Xp
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2012 -
1 EDB exploit
7.6
CVSSv2
CVE-2019-8565
A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges.
Apple Iphone Os
Apple Mac Os X
1 EDB exploit
9
CVSSv2
CVE-2019-16663
An issue exists in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.2
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »