Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
7.5
CVSSv3
CVE-2018-14940
PHPCMS 9 allows remote malicious users to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request.
Phpcms Phpcms 9.0
6.5
CVSSv3
CVE-2018-14941
Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI.
Harmonicinc Nsg 9000 -
7.5
CVSSv3
CVE-2020-0681
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734.
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2019
2 Articles
8.8
CVSSv3
CVE-2018-14942
Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data.
Harmonicinc Nsg 9000 Firmware -
9.8
CVSSv3
CVE-2018-14943
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default password of nsgguest for the guest account, and a default password of nsgconfig for the config account.
Harmonicinc Nsg 9000 Firmware -
7.8
CVSSv3
CVE-2018-14944
An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write.
Jpeg Encoder Project Jpeg Encoder
8.1
CVSSv3
CVE-2020-0692
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
1 Article
5.4
CVSSv3
CVE-2020-0695
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.
Microsoft Office Online Server -
2 Articles
6.5
CVSSv3
CVE-2020-0696
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
Microsoft Office 2019
Microsoft Office 365 Proplus -
Microsoft Outlook 2010
Microsoft Outlook 2013
Microsoft Outlook 2016
2 Articles
7.8
CVSSv3
CVE-2020-0697
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted...
Microsoft Office 365 Proplus -
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
10
NEXT »