Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-9682
Adobe Creative Cloud Desktop Application versions 5.1 and previous versions have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.
Adobe Creative Cloud Desktop Application
10
CVSSv2
CVE-2020-5902
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
90 Github repositories
6 Articles
10
CVSSv2
CVE-2020-9412
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerability that theoretically allows execution of arbitrary commands at the privilege level of the affected system following a failed file transfer. Affec...
Tibco Managed File Transfer Platform Server
Tibco Managed File Transfer Platform Server 8.0.0
10
CVSSv2
CVE-2020-3633
Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Apq8098 Firmware -
Qualcomm Kamorta Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207c Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Msm8905 Firmware -
Qualcomm Msm8909w Firmware -
Qualcomm Msm8917 Firmware -
Qualcomm Msm8953 Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Msm8998 Firmware -
Qualcomm Qcs405 Firmware -
Qualcomm Qcs605 Firmware -
Qualcomm Qm215 Firmware -
Qualcomm Rennell Firmware -
Qualcomm Saipan Firmware -
Qualcomm Sda660 Firmware -
Qualcomm Sdm429 Firmware -
Qualcomm Sdm429w Firmware -
10
CVSSv2
CVE-2020-12828
An issue exists in AnchorFree VPN SDK prior to 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file...
Pango Virtual Private Network Software Development Kit
1 Github repository
1 Article
10
CVSSv2
CVE-2020-8899
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0). An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Qur...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
1 Github repository
10
CVSSv2
CVE-2020-8481
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5....
Abb 800xa System 5.1
10
CVSSv2
CVE-2020-11811
In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file.
Qdpm Qdpm 9.1
10
CVSSv2
CVE-2020-3794
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory.
Adobe Coldfusion 2016
Adobe Coldfusion 2018
10
CVSSv2
CVE-2020-9423
LogicalDoc prior to 8.3.3 could allow an malicious user to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version con...
Logicaldoc Logicaldoc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »