Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
desktop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1138
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
Sco Openserver 3.0
Sco Unix System V386 3.2 Operating System
Sco Open Desktop 3.0
Sco Open Desktop Lite 3.0
Sco Unix System V386 3.2 Operating System 2.0
Sco Unix System V386 3.2 Operating System 4.0
Sco Open Desktop 1.0
Sco Open Desktop 2.0
Sco Unix System V386 3.2 Operating System 4.x
NA
CVE-2004-2493
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
Hitachi Groupmax World Wide Web 03 11 B
Hitachi Groupmax World Wide Web 2
Hitachi Groupmax World Wide Web Desktop 06 50 B
Hitachi Groupmax World Wide Web 02 20 A
Hitachi Groupmax World Wide Web 02 31 I
Hitachi Groupmax World Wide Web Desktop 05 11 F
Hitachi Groupmax World Wide Web Desktop 05 11 I
Hitachi Groupmax World Wide Web Desktop 06 51 B
Hitachi Groupmax World Wide Web Desktop 06 51 C
Hitachi Groupmax World Wide Web Desktop 06 52
Hitachi Groupmax World Wide Web Desktop 06 50 C
Hitachi Groupmax World Wide Web Desktop 5
Hitachi Groupmax World Wide Web Desktop 6
Hitachi Groupmax World Wide Web 02 00
Hitachi Groupmax World Wide Web 02 20
Hitachi Groupmax World Wide Web 3
Hitachi Groupmax World Wide Web Desktop 05 00
Hitachi Groupmax World Wide Web Desktop 06 51
Hitachi Groupmax World Wide Web Desktop Gold
Hitachi Groupmax World Wide Web 03 00
Hitachi Groupmax World Wide Web 03 10 H
Hitachi Groupmax World Wide Web Desktop 05 11 J
NA
CVE-2014-4232
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote malicious users to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463...
Oracle Virtualization 4.63
Oracle Virtualization 4.71
Oracle Virtualization 5.0
Oracle Virtualization Secure Global Desktop 4.71
Oracle Virtualization Secure Global Desktop 5.10
Oracle Virtualization 5.1
Oracle Virtualization Secure Global Desktop 4.63
Oracle Virtualization Secure Global Desktop 5.0
7.1
CVSSv3
CVE-2022-34292
Docker Desktop for Windows prior to 4.6.0 allows malicious users to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647.
Docker Desktop
6.7
CVSSv3
CVE-2020-8140
A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the environment.
Nextcloud Desktop
5.4
CVSSv3
CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt.
Nextcloud Desktop
7.8
CVSSv3
CVE-2020-8224
A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
Nextcloud Desktop
5.5
CVSSv3
CVE-2020-8230
A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.
Nextcloud Desktop
5.4
CVSSv3
CVE-2022-39332
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known ...
Nextcloud Desktop
4.7
CVSSv3
CVE-2022-39334
Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Versions of nextcloudcmd before 3.6.1 would incorrectly trust invalid TLS certificates, which may enable a Man-in-the-middle attack that exposes sensitive ...
Nextcloud Desktop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »