Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-5699
Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote malicious users to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059.
Eiqnetworks Enterprise Security Analyzer 2.5
1 EDB exploit
7.1
CVSSv2
CVE-2014-2928
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 up to and including 10.2.4 and 11.0.0 up to and including 11.5.1, BIG-IP AAM 11.4.0 up to and including 11.5.1, BIG-IP AFM and PEM 11.3.0 up to and including 11.5.1, BIG-IP Analytics 11.0.0 up to an...
F5 Big-ip Webaccelerator 11.0.0
F5 Big-ip Webaccelerator 10.2.3
F5 Big-ip Webaccelerator 10.0.1
F5 Big-ip Webaccelerator 9.4.8
F5 Big-ip Webaccelerator 9.4.1
F5 Big-ip Webaccelerator 11.3.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.2.0
F5 Big-ip Webaccelerator 9.4.6
F5 Big-ip Webaccelerator 9.4.5
F5 Big-ip Webaccelerator 9.4.4
F5 Big-ip Webaccelerator 9.4.3
F5 Big-ip Webaccelerator 9.4.2
F5 Big-ip Webaccelerator 10.2.2
F5 Big-ip Webaccelerator 10.2.1
F5 Big-ip Webaccelerator 10.2.0
F5 Big-ip Webaccelerator 10.1.0
F5 Big-ip Webaccelerator 11.1.0
F5 Big-ip Webaccelerator 10.2.4
F5 Big-ip Webaccelerator 10.0.0
F5 Big-ip Webaccelerator 9.4.7
F5 Big-ip Webaccelerator 9.4.0
1 EDB exploit
5.5
CVSSv2
CVE-2008-3979
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not ...
Oracle Database 10g 10.2.0.2
Oracle Database 10g 10.1.0.5
1 EDB exploit
6.5
CVSSv2
CVE-2015-7309
The theme editor in Bolt prior to 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.
Boltcms Bolt
1 EDB exploit
5
CVSSv2
CVE-2017-17692
Samsung Internet Browser 5.4.02.3 allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
Samsung Internet Browser 5.4.02.3
1 EDB exploit
6.8
CVSSv2
CVE-2013-3568
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote malicious users to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
Cisco Linksys Wrt110 Firmware -
1 EDB exploit
9.3
CVSSv2
CVE-2013-4800
Unspecified vulnerability in HP LoadRunner prior to 11.52 allows remote malicious users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
Hp Loadrunner 9.50.0
Hp Loadrunner 9.51
Hp Loadrunner 9.52
Hp Loadrunner
Hp Loadrunner 11.50
Hp Loadrunner 11.0.0.0
Hp Loadrunner 9.0.0
1 EDB exploit
6.5
CVSSv2
CVE-2015-6967
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog prior to 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_ima...
Nibbleblog Nibbleblog
1 EDB exploit
7 Github repositories
5
CVSSv2
CVE-2019-11231
An issue exists in GetSimple CMS up to and including 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be by...
Get-simple Getsimple Cms
1 EDB exploit
6.8
CVSSv2
CVE-2014-5468
A File Inclusion vulnerability exists in Railo 4.2.1 and previous versions via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obtain sensitive information or execute arbitrary code.
Getrailo Railo
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »