Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS.
Saltosystem Proaccess Space
9.8
CVSSv3
CVE-2019-19459
An issue exists in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an malicious user to execute arbitrary commands o...
Saltosystem Proaccess Space
8.6
CVSSv3
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
Saltosystem Proaccess Space
5.5
CVSSv3
CVE-2019-19460
An issue exists in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically ab...
Saltosystem Proaccess Space
8.8
CVSSv3
CVE-2021-39280
Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X prior to 1.9.1, 2212S prior to 1.9.1, 2212G prior to 1.8, 3220 V3 prior to 1.5.1, 3420 V3 prior to 1.5.1, and 2311 through 2022-01-31.
Korenix Jetwave 2212s Firmware
Korenix Jetwave 2212g Firmware
Korenix Jetwave 2311 Firmware
Korenix Jetwave 3220 Firmware
Korenix Jetwave 3420 Firmware
Korenix Jetwave 2212x Firmware
7.8
CVSSv3
CVE-2019-10679
Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILES(X86)%\Thomson Reuters\Eikon permissions.
Thomsonreuters Eikon 4.0.42144
NA
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
8.8
CVSSv3
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
7.2
CVSSv3
CVE-2021-22708
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
5.3
CVSSv3
CVE-2019-15045
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality
Zohocorp Manageengine Servicedesk Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »