Vulmon Recent Vulnerabilities Trends Blog About Contact

Recent vulnerabilities and exploits

NA
CVE-2019-7177
Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin....
NA
CVE-2020-24594
Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session....
NA
CVE-2020-12824
Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP....
NA
CVE-2020-24595
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control....
NA
CVE-2019-7178
Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup....
NA
CVE-2020-24615
Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP....
NA
CVE-2018-10432
Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP)....
NA
CVE-2020-25726
A Directory Traversal issue was discovered on Hak5 WiFi Pineapple Mark VII 1.x before 1.0.1-beta.2020091914551 devices. An unauthenticated user can connect to the wireless management network, including the open wireless network, and access all files and subdirectories under...
NA
CVE-2020-11805
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN....
9.3
CVSSv2
CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-3480CVE-2020-3559encryptionreflected XSSCVE-2020-3408CVE-2020-1472CVE-2020-13629firmwareCVE-2020-3488