Vulmon Recent Vulnerabilities Trends About Contact

Recent vulnerabilities and exploits

NA
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to...
LinuxLinux Kernel
NA
CVE-2019-2989
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with...
NetappE-series Santricity Os ControllerE-series Santricity Storage ManagerE-series Santricity Unified ManagerE-series Santricity Web Services ProxyOncommand Workflow AutomationSnapmanagerOracleGraalvmJdkJreRedhatEnterprise Linux DesktopEnterprise Linux ServerEnterprise Linux Workstation
NA
CVE-2019-2964
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with...
NetappE-series Santricity Storage ManagerE-series Santricity Unified ManagerE-series Santricity Web Services ProxyOncommand Workflow AutomationSnapmanagerOracleJdkJreDebianDebian LinuxRedhatEnterprise Linux DesktopEnterprise Linux ServerEnterprise Linux Workstation
NA
CVE-2020-15050
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal....
445
VMScore
CVE-2018-15835
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983....
GoogleAndroid
NA
CVE-2020-10988
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device....
NA
CVE-2020-10987
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter....
NA
CVE-2020-10989
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter....
NA
CVE-2020-10986
A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page....
NA
CVE-2019-19338
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-15093mods-for-heskCVE-2020-15092CVE-2020-15000insecure direct object referenceencryptionCVE-2020-8193kingcomposerCVE-2020-8195mods for heskking-themeXXECVE-2020-12414