Recent vulnerabilities and exploits

NA

Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let...

NA

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an...

NA

JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...

NA

A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The...

NA

In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...

9.8

CVSSv3

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution...

Microsoft Windows Server 2012 -Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 -Microsoft Windows Server 2019 -31 Github repositories available10 Articles available

7.5

CVSSv3

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711,...

Microsoft Edge -Microsoft Chakracore15 Github repositories available5 Articles available

8.8

CVSSv3

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'....

Microsoft Sql Server 2012 Microsoft Sql Server 2014 Microsoft Sql Server 201641 Github repositories available5 Articles available

5.5

CVSSv3

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'....

Microsoft Windows 10 1607 Microsoft Windows 10 1709 Microsoft Windows 10 1803 Microsoft Windows 10 1809 Microsoft Windows 10 1903 Microsoft Windows 10 1909 Microsoft Windows Server 2016 -Microsoft Windows Server 2016 1803 Microsoft Windows Server 2016 1903 Microsoft Windows Server 2016 1909 Microsoft Windows Server 2019 -15 Github repositories available1 Article available

9.8

CVSSv3

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution...

Microsoft Windows Server 2012 -Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 -Microsoft Windows Server 2019 -29 Github repositories available10 Articles available

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook