Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-17915
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an malicious user to eavesdrop on video feeds, steal XMeye login credentials, ...
Xiongmaitech Xmeye P2p Cloud Server -
6.4
CVSSv2
CVE-2018-17919
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an malicious user to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
Xiongmaitech Xmeye P2p Cloud Server
NA
CVE-2023-6269
An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" prior to V10R10.12.00 and ...
Atos Unify Openscape Bcf
Atos Unify Openscape Branch
Atos Unify Openscape Session Border Controller
NA
CVE-2022-39172
A stored XSS in the process overview (bersicht zugewiesener Vorgaenge) in mbsupport openVIVA c2 20220101 allows a remote, authenticated, low-privileged malicious user to execute arbitrary code in the victim's browser via name field of a process.
Viva-project Openviva
NA
CVE-2023-26213
On Barracuda CloudGen WAN Private Edge Gateway devices prior to 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated malicious user to execute arbitrary commands. For example,...
Barracuda T100b Firmware 8.3.1
Barracuda T200c Firmware 8.3.1
Barracuda T400c Firmware 8.3.1
Barracuda T600d Firmware 8.3.1
Barracuda T900b Firmware 8.3.1
Barracuda T93a Firmware 8.3.1
Barracuda T193a Firmware 8.3.1
6.8
CVSSv2
CVE-2018-1000031
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Info-zip Unzip 6.10c22
6.4
CVSSv2
CVE-2018-1000033
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
7.2
CVSSv2
CVE-2017-3210
Applications developed using the Portrait Display SDK, versions 2.30 up to and including 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. T...
Portrait Portrait Display Sdk
Fujitsu Displayview Click 6.0
Fujitsu Displayview Click Suite 5.0
Fujitsu Displayview Click 6.01
Hp Display Assistant 2.1
Hp My Display 2.0
Philips Smart Control Premium 2.25
Philips Smart Control Premium 2.23
5.5
CVSSv2
CVE-2017-6698
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote malicious user to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka...
Cisco Prime Infrastructure 2.0\\(4.0.45b\\)
Cisco Prime Infrastructure 3.1\\(1\\)
4.3
CVSSv2
CVE-2017-6699
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based ...
Cisco Prime Infrastructure 3.1
Cisco Evolved Programmable Network Manager 2.0\\(4.0.45b\\)
Cisco Evolved Programmable Network Manager 2.0\\(4.0.45d\\)
Cisco Prime Infrastructure 3.1\\(0.128\\)
Cisco Prime Infrastructure 3.1.1
Cisco Evolved Programmable Network Manager 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »