Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backdoor vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
75 Github repositories
6 Articles
9.8
CVSSv3
CVE-2014-6617
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Industrial.softing Fg-100 Pb Profibus Firmware Fg-x00-pb V2.02.0.00
9.8
CVSSv3
CVE-2013-4211
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
Openx Openx 2.8.10
1 EDB exploit
9.8
CVSSv3
CVE-2022-32985
libnx_apl.so on Nexans FTTO GigaSwitch prior to 6.02N and 7.x prior to 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.
Nexans Gigaswitch 641 Desk V5 Sfp-vi Firmware
Nexans Gigaswitch 642 Desk V5 Sfp-2vi Firmware
Nexans Gigaswitch V5 2tp\\(pd-f\\+\\) Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 2tp\\(pse\\+\\) Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 2tp Sfp-vi 54vdc Firmware
Nexans Gigaswitch V5 Sfp-2vi 230vac Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Ind Firmware
Nexans Gigaswitch V5 Tp\\(pse\\+\\) Sfp-2vi 54vdc Med Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Ind Firmware
Nexans Gigaswitch V5 Tp Sfp-2vi 54vdc Med Firmware
Nexans Gigaswitch V5 Tp Sfp-vi 230vac Firmware
NA
CVE-2001-0008
Backdoor account in Interbase database server allows remote malicious users to overwrite arbitrary files using stored procedures.
Firebirdsql Firebird
Borland Software Interbase 5.0
Borland Software Interbase 6.0
Borland Software Interbase 4.0
1 EDB exploit
NA
CVE-2012-1803
RuggedCom Rugged Operating System (ROS) 3.10.x and previous versions has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote malicious users to obtain access by performing a calculation on this address value, and th...
Siemens Ruggedcom Rugged Operating System
1 EDB exploit
NA
CVE-2012-1515
VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
Vmware Esxi 4.0
Vmware Esxi 4.1
Vmware Esxi 3.5
Vmware Esx 4.0
Vmware Esx 4.1
Vmware Esx 3.5
9.9
CVSSv3
CVE-2012-1516
The VMX process in VMware ESXi 3.5 up to and including 4.1 and ESX 3.5 up to and including 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS vi...
Vmware Esx 4.0
Vmware Esx 4.1
Vmware Esx 3.5
Vmware Esxi 4.0
Vmware Esxi 4.1
Vmware Esxi 3.5
NA
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent malicious users to obtain sensitive information by examining script source code.
Dell Kace K2000 Systems Deployment Appliance
6.8
CVSSv3
CVE-2022-29854
A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and previous versions, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during syst...
Mitel Minet Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »