Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
call to action vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-10655
Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 prior to 1.0.3.219 Beta, and GXV3240 prior to 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a...
Grandstream Gac2500 Firmware
Grandstream Gvc3202 Firmware
Grandstream Gxv3275 Firmware
Grandstream Gxv3240 Firmware
Grandstream Gxp2200 Firmware
NA
CVE-2024-1361
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the apiCall() function. This makes it possible for unauthenticated malicious users to c...
5.5
CVSSv2
CVE-2022-0403
The Library File Manager WordPress plugin prior to 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any a...
Wpjos Library File Manager
1 Github repository
NA
CVE-2024-22408
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal h...
Shopware Shopware
4.9
CVSSv2
CVE-2012-6657
The sock_setsockopt function in net/core/sock.c in the Linux kernel prior to 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.
Linux Linux Kernel 3.5.2
Linux Linux Kernel
Linux Linux Kernel 3.5.5
Linux Linux Kernel 3.5.3
Linux Linux Kernel 3.5.4
Linux Linux Kernel 3.5.1
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 10.0
5.8
CVSSv2
CVE-2021-29436
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In Time Tracker before version 1.19.27.5431 a Cross site request forgery (CSRF) vulnerability existed. The nature of CSRF is that a logged on user may be tricked by social engineering to cli...
7.8
CVSSv2
CVE-2017-6631
A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because ...
Cisco Yesmax Hd Firmware -
Cisco Yesmaxtotal Firmware -
Cisco Yesquattro Firmware -
NA
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a...
Cacti Cacti
1 Metasploit module
42 Github repositories
4
CVSSv2
CVE-2017-8230
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who ...
Amcrest Ipm-721s Firmware
NA
CVE-2021-46989
In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevent corruption in shrinking truncate I believe there are some issues introduced by commit 31651c607151 ("hfsplus: avoid deadlock on file truncation") HFS+ has extent records which always co...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »