Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
1 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-20253
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is...
Cisco Unified Communications Manager
Cisco Unified Communications Manager Im And Presence Service
Cisco Unity Connection
Cisco Unified Contact Center Express 12.5\\(1\\)
Cisco Virtualized Voice Browser 12.6\\(2\\)
Cisco Virtualized Voice Browser 12.6\\(1\\)
Cisco Virtualized Voice Browser 12.5\\(1\\)
10
CVSSv3
CVE-2021-4140
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
10
CVSSv3
CVE-2022-30123
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.
Rack Project Rack
Debian Debian Linux 11.0
10
CVSSv3
CVE-2022-34819
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions ...
Siemens Simatic Cp 1242-7 V2 Firmware
Siemens Simatic Cp 1243-1 Firmware
Siemens Simatic Cp 1243-7 Lte Eu Firmware
Siemens Simatic Cp 1243-7 Lte Us Firmware
Siemens Simatic Cp 1243-8 Irc Firmware
Siemens Simatic Cp 1542sp-1 Irc Firmware
Siemens Simatic Cp 1543-1 Firmware
Siemens Simatic Cp 1543sp-1 Firmware
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware
Siemens Siplus Net Cp 1242-7 V2 Firmware
Siemens Siplus Net Cp 1543-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1 Rail Firmware
10
CVSSv3
CVE-2022-0543
It exists, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Redis Redis -
1 Metasploit module
10 Github repositories
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
10
CVSSv3
CVE-2021-38503
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
10
CVSSv3
CVE-2021-3554
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an malicious user to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Too...
Bitdefender Endpoint Security Tools
Bitdefender Gravityzone
Bitdefender Gravityzone 6.24.1-1
10
CVSSv3
CVE-2021-25387
An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows malicious users to execute arbitrary code on mediaextractor process.
Google Android 8.1
Google Android 9.0
Google Android 10.0
Google Android 11.0
10
CVSSv3
CVE-2020-13753
The bubblewrap sandbox of WebKitGTK and WPE WebKit, before 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to direct...
Wpewebkit Wpe Webkit
Webkitgtk Webkitgtk
Fedoraproject Fedora 31
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »