Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tools vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-48292
The XWiki Admin Tools Application provides tools to help the administration of XWiki. Starting in version 4.4 and prior to version 4.5.1, a cross site request forgery vulnerability in the admin tool for executing shell commands on the server allows an malicious user to execute ar...
Xwiki Admin Tools
NA
CVE-2022-35975
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage...
Weave Gitops Tools
NA
CVE-2022-35976
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other...
Weave Gitops Tools
4.3
CVSSv2
CVE-2015-6749
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted AIFF file.
Xiph Vorbis-tools
7.5
CVSSv2
CVE-2020-15492
An issue exists in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated malicious user to...
Inneo Startup Tools
1 Github repository
5.7
CVSSv2
CVE-2011-3589
The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x prior to 1.102pre-154 and 2.x prior to 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by ...
Redhat Kexec-tools
6.8
CVSSv2
CVE-2021-31938
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability
Microsoft Kubernetes Tools -
10
CVSSv2
CVE-2009-1916
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the ns parameter.
Gscripts Dns Tools
1 EDB exploit
NA
CVE-2023-26364
@adobe/css-tools version 4.3.0 and previous versions are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges.
Adobe Css-tools
NA
CVE-2023-27453
Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.3.1 versions.
Lws Lws Tools
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »