Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abuse abuse vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2022-1362
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
Cambiumnetworks Cnmaestro 2.4.2
Cambiumnetworks Cnmaestro 3.0.0
Cambiumnetworks Cnmaestro 3.0.3
NA
CVE-2023-5376
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
Korenix Jetnet 5310g Firmware 2.6
Korenix Jetnet 4508 Firmware 2.3
Korenix Jetnet 4508i-w Firmware 1.3
Korenix Jetnet 4508-w Firmware 2.3
Korenix Jetnet 4508if-s Firmware 1.3
Korenix Jetnet 4508if-m Firmware 1.3
Korenix Jetnet 4508if-sw Firmware 1.3
Korenix Jetnet 4508if-mw Firmware 1.3
Korenix Jetnet 4508f-m Firmware 2.3
Korenix Jetnet 4508f-s Firmware 2.3
Korenix Jetnet 4508f-mw Firmware 2.3
Korenix Jetnet 4508f-sw Firmware 2.3
Korenix Jetnet 5620g-4c Firmware 1.1
Korenix Jetnet 5612gp-4f Firmware 1.2
Korenix Jetnet 5612g-4f Firmware 1.2
Korenix Jetnet 5728g-24p-ac-2dc-us Firmware 2.1
Korenix Jetnet 5728g-24p-ac-2dc-eu Firmware 2.1
Korenix Jetnet 6528gf-2ac-eu Firmware 1.0
Korenix Jetnet 6528gf-2ac-us Firmware 1.0
Korenix Jetnet 6528gf-2dc24 Firmware 1.0
Korenix Jetnet 6528gf-2dc48 Firmware 1.0
Korenix Jetnet 6528gf-ac-eu Firmware 1.0
605
VMScore
CVE-2021-39828
Adobe Digital Editions 4.5.11.187646 (and previous versions) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product ins...
Adobe Digital Editions
409
VMScore
CVE-2019-12439
bubblewrap.c in Bubblewrap prior to 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
Projectatomic Bubblewrap
578
VMScore
CVE-2021-43286
An issue exists in ThoughtWorks GoCD prior to 21.3.0. An attacker with privileges to create a new pipeline on a GoCD server can abuse a command-line injection in the Git URL "Test Connection" feature to execute arbitrary code.
Thoughtworks Gocd
NA
CVE-2022-36784
Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.
Elsight Halo Firmware -
NA
CVE-2022-29800
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-...
Microsoft Windows Defender For Endpoint -
2 Github repositories
1 Article
445
VMScore
CVE-2017-17553
The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow malicious users to abuse this implementation through a malicious Intent URI, in order to invoke private Activities within the Dolphin Br...
Changyou Dolphin 12.0.2
NA
CVE-2024-23681
Artemis Java Test Sandbox versions prior to 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed cod...
Ls1intum Artemis Java Test Sandbox
NA
CVE-2024-23683
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
Ls1intum Artemis Java Test Sandbox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »