Vulmon Recent Vulnerabilities Trends About Contact

Recent vulnerabilities and exploits

9.3
CVSSv2
CVE-2018-8420
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...
MicrosoftWindows 10Windows 7Windows 8.1Windows Server
9.3
CVSSv2
CVE-2017-8464
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via...
MicrosoftWindows 10Windows 7Windows 8.1Windows Rt 8.1Windows Server 2008Windows Server 2012Windows Server 2016
4.3
CVSSv2
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews....
Wordpress
4.3
CVSSv2
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks....
Wordpress
NA
CVE-2020-11647
A stack overflow has been found in the fAbstractSyntaxNType function of the BACApp dissector of Wireshark versions prior to 3.2.3, which could be triggered by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file....
NA
CVE-2020-1730
A malicious client or server could crash the counterpart implemented with libssh before 0.9.4. When AES-CTR ciphers are used and don't get fully initialized, libssh will crash when it tries to cleanup the AES-CTR ciphers when closing the connection....
NA
CVE-2020-11653
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss....
NA
CVE-2019-20637
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be...
NA
CVE-2020-11650
An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3-U1. It allows a denial of service....
NA
CVE-2020-10603
Advantech WebAccess could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by OS command injection vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary OS commands on the...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-1630CVE-2020-0674CVE-2018-21038bypassCVE-2020-1987CVE-2020-1988insecure direct object referencerace conditionCVE-2020-6819