Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-14906
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
3cx 3cx Web Server 15.5.8801.3
5.3
CVSSv3
CVE-2018-14907
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
3cx 3cx Web Server 15.5.8801.3
8.8
CVSSv3
CVE-2018-14908
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Samsung Syncthru Web Service 4.05.61
7.8
CVSSv3
CVE-2020-0555
Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Ax201 Firmware -
Intel Ax200 Firmware -
Intel Ac 9560 Firmware -
Intel Ac 9462 Firmware -
Intel Ac 9461 Firmware -
Intel Ac 9260 Firmware -
Intel Ac 8265 Firmware -
Intel Ac 8260 Firmware -
Intel Ac 3168 Firmware -
Intel Ac 7265 Firmware -
Intel Ac 3165 Firmware -
6.5
CVSSv3
CVE-2022-22210
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent malicious user to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a...
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.2
7.8
CVSSv3
CVE-2020-0564
Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Raid Web Console 3
5.5
CVSSv3
CVE-2020-0567
Improper input validation in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to enable denial of service via local access.
Intel Graphics Driver
6.7
CVSSv3
CVE-2020-0572
Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Server Board S2600st Firmware
Intel Server Board S2600wf Firmware
8.8
CVSSv3
CVE-2018-14910
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
7.2
CVSSv3
CVE-2018-14911
A file upload vulnerability exists in ukcms v1.1.7 and previous versions. The vulnerability is due to the system not strictly filtering the file upload type. An attacker can exploit the vulnerability to upload a script Trojan to admin.php/admin/configset/index/group/upload.html t...
Ukcms Ukcms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »