Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-25826
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vu...
Opentsdb Opentsdb
1 Metasploit module
1 Github repository
7.5
CVSSv3
CVE-2023-28770
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated malicious user to read the system files and to retrieve the pa...
Zyxel Dx5401-b0 Firmware
9.8
CVSSv3
CVE-2023-28771
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 up to and including 4.73, VPN series firmware versions 4.60 up to and including 5.35, USG FLEX series firmware versions 4.60 up to and including 5.35, and ATP series firmware versions 4.60 up to and...
Zyxel Atp100 Firmware
Zyxel Atp100w Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp700 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 100 Firmware
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 50 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn50 Firmware
Zyxel Zywall Usg 310 Firmware
Zyxel Zywall Usg 310 Firmware 4.73
Zyxel Zywall Usg 100 Firmware
Zyxel Zywall Usg 100 Firmware 4.73
1 Github repository
1 Article
9.8
CVSSv3
CVE-2023-27524
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an malicious user to authenticate and access unauthorized resources. This does ...
Apache Superset
20 Github repositories
1 Article
9.8
CVSSv3
CVE-2023-27350
This vulnerability allows remote malicious users to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from ...
Papercut Papercut Ng
Papercut Papercut Mf
10 Github repositories
3 Articles
7.5
CVSSv3
CVE-2023-21931
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compro...
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
1 Github repository
7.2
CVSSv3
CVE-2023-29084
Zoho ManageEngine ADManager Plus prior to 7181 allows for authenticated users to exploit command injection via Proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
1 Github repository
7.8
CVSSv3
CVE-2023-28252
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 20h2
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 1607
Microsoft Windows 10 1507
8 Github repositories
5 Articles
9.8
CVSSv3
CVE-2023-26068
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Lexmark Cxtpc Firmware
Lexmark Cstpc Firmware
Lexmark Mxtct Firmware
Lexmark Mxtpm Firmware
Lexmark Cxtmm Firmware
Lexmark Mslsg Firmware
Lexmark Mxlsg Firmware
Lexmark Mslbd Firmware
Lexmark Mxlbd Firmware
Lexmark Msngm Firmware
Lexmark Mxngm Firmware
Lexmark Mxtgm Firmware
Lexmark Msngw Firmware
Lexmark Mstgw Firmware
Lexmark Mxtgw Firmware
Lexmark Cslbn Firmware
Lexmark Cslbl Firmware
Lexmark Cxlbn Firmware
Lexmark Cxlbl Firmware
Lexmark Csnzj Firmware
Lexmark Cxtzj Firmware
Lexmark Cxnzj Firmware
8.1
CVSSv3
CVE-2023-26067
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
Lexmark Cxtpc Firmware
Lexmark Cstpc Firmware
Lexmark Mxtct Firmware
Lexmark Mxtpm Firmware
Lexmark Cxtmm Firmware
Lexmark Mslsg Firmware
Lexmark Mxlsg Firmware
Lexmark Mslbd Firmware
Lexmark Mxlbd Firmware
Lexmark Msngm Firmware
Lexmark Mxngm Firmware
Lexmark Mxtgm Firmware
Lexmark Msngw Firmware
Lexmark Mstgw Firmware
Lexmark Mxtgw Firmware
Lexmark Cslbn Firmware
Lexmark Cslbl Firmware
Lexmark Cxlbn Firmware
Lexmark Cxlbl Firmware
Lexmark Csnzj Firmware
Lexmark Cxtzj Firmware
Lexmark Cxnzj Firmware
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »