Recent vulnerabilities and exploits

NA

SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23....

NA

A vulnerability has been found in Ydalb mapicoin up to 1.9.0 and classified as problematic. This vulnerability affects unknown code of the file webroot/stats.php. The manipulation of the argument link/search leads to cross site scripting. The attack can be initiated remotely....

NA

A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data...

NA

** DISPUTED ** An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."...

Linuxfoundation Harbor6 Github repositories available

7.6

CVSSv2

The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file...

NA

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior),...

NA

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS...

NA

Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20....

10

CVSSv2

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an...

Cisco Adaptive Security Appliance Software Cisco Firepower Threat Defense 6.0.0 Cisco Firepower Threat Defense 6.0.1 Cisco Firepower Threat Defense 6.1.0 Cisco Firepower Threat Defense 6.2.1 Cisco Firepower Threat Defense 6.2.0 Cisco Firepower Threat Defense 6.2.21 EDB exploit available37 Github repositories available5 Articles available

10

CVSSv2

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged...

Intel Active Management Technology Firmware 6.1 Intel Active Management Technology Firmware 6.2 Intel Active Management Technology Firmware 10.0 Intel Active Management Technology Firmware 11.0 Intel Active Management Technology Firmware 6.0 Intel Active Management Technology Firmware 9.0 Intel Active Management Technology Firmware 9.1 Intel Active Management Technology Firmware 9.5 Intel Active Management Technology Firmware 7.0 Intel Active Management Technology Firmware 7.1 Intel Active Management Technology Firmware 11.5 Intel Active Management Technology Firmware 11.6 Intel Active Management Technology Firmware 8.0 Intel Active Management Technology Firmware 8.11 EDB exploit available1 Metasploit module available1 Nmap script available52 Github repositories available12 Articles available

Get Started

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook