Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulnerabilities by relevance

7.5
CVSSv2
CVE-2021-26472
Vembu BDR Suite before 4.2.0 allows Unauthenticated Remote Code Execution by placing a command in a GET request (issue 2 of 2)....
Vembu Bdr SuiteVembu Offsite Dr 4.2.0Vembu Offsite Dr 4.2.0.1
4.3
CVSSv2
CVE-2021-24434
The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin did not have CSRF check in place when saving its settings, allowing the...
Codeblab Glass
6.5
CVSSv2
CVE-2021-33205
Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious...
Westerndigital Edgerover
4.3
CVSSv2
CVE-2021-27506
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19,...
Stormshield Network SecurityClamav Clamav
5
CVSSv2
CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd...
Sabnzbd Sabnzbd
6.5
CVSSv2
CVE-2021-31966
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26420, CVE-2021-31963....
Microsoft Sharepoint Foundation 2013Microsoft Sharepoint Server 2013Microsoft Sharepoint Server 2016Microsoft Sharepoint Server 2019
2.9
CVSSv2
CVE-2021-29255
MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials....
Microseven Mym71080i-b Firmware
5.8
CVSSv2
CVE-2021-29652
Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process...
Pomerium Pomerium
6.8
CVSSv2
CVE-2021-28206
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files....
Asus Asmb9-ikvm Firmware 1.11.12Asus Rs720a-e9-rs24-e Firmware 1.10.3Asus Rs700a-e9-rs4 Firmware 1.10.0Asus Rs700-e9-rs4 Firmware 1.09Asus Esc4000 G4x Firmware 1.11.6Asus Rs700-e9-rs12 Firmware 1.11.5Asus Rs100-e10-pi2 Firmware 1.13.6Asus Rs300-e10-ps4 Firmware 1.13.6Asus Rs300-e10-rs4 Firmware 1.13.6Asus Rs500a-e9-ps4 Firmware 1.14.1Asus Rs500a-e9-rs4 Firmware 1.14.1Asus Rs500a-e9 Rs4 U Firmware 1.14.1Asus E700 G4 Firmware 1.14.1Asus Ws C422 Pro\\/se Firmware 1.14.1Asus Ws X299 Pro\\/se Firmware 1.14.1Asus Z11pa-u12 Firmware 1.15.1Asus Z11pa-u12\\/10g-2s Firmware 1.15.1Asus Knpa-u16 Firmware 1.13.4Asus Esc4000 Dhd G4 Firmware 1.13.7Asus Esc4000 G4 Firmware 1.15.2Asus Rs720q-e9-rs24-s Firmware 1.15.0Asus Rs720q-e9-rs8 Firmware 1.15.0Asus Rs720q-e9-rs8-s Firmware 1.15.0Asus Z11pa-d8 Firmware 1.14.1Asus Z11pa-d8c Firmware 1.14.1Asus Rs720-e9-rs24-u Firmware 1.14.3Asus Rs720-e9-rs8-g Firmware 1.15.2Asus Rs500-e9-ps4 Firmware 1.15.4Asus Pro E800 G4 Firmware 1.14.2Asus Rs500-e9-rs4 Firmware 1.15.4Asus Rs500-e9-rs4-u Firmware 1.15.4Asus Rs520-e9-rs12-e Firmware 1.15.3Asus Rs520-e9-rs8 Firmware 1.15.3Asus Esc8000 G4 Firmware 1.15.4Asus Esc8000 G4\\/10g Firmware 1.15.4Asus Rs720-e9-rs12-e Firmware 1.15.2Asus Ws C621e Sage Firmware 1.15.1Asus Rs500a-e10-ps4 Firmware 1.15.2Asus Rs500a-e10-rs4 Firmware 1.15.2Asus Rs700a-e9-rs12v2 Firmware 1.15.1Asus Rs700a-e9-rs4v2 Firmware 1.15.1Asus Rs720a-e9-rs12v2 Firmware 1.15.2Asus Rs720a-e9-rs24v2 Firmware 1.15.1Asus Z11pr-d16 Firmware 1.15.3
2.9
CVSSv2
CVE-2021-34687
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution...
Idrive Remotepc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-40724cross-site request forgeryXSSCVE-2022-0180file uploadCVE-2021-45052CVE-2022-0130CVE-2020-28919CVE-2022-0215
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook