Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolev farhi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4199
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation up to and including 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.
Vmware Workstation 10.0.1
Vmware Workstation 10.0.2
Vmware Workstation
Vmware Tools
Vmware Workstation 10.0
Vmware Vm-support 0.88
NA
CVE-2014-4200
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation up to and including 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.
Vmware Workstation 10.0.2
Vmware Workstation
Vmware Workstation 10.0
Vmware Workstation 10.0.1
Vmware Vm-support 0.88
Vmware Tools
NA
CVE-2014-3840
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bo...
Mayan-edms Mayan Edms 0.13
1 EDB exploit
NA
CVE-2014-3866
Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that change the (1) administrative password via the passwordc parameter...
Usercake Usercake
Usercake Usercake 2.0.1
1 EDB exploit
NA
CVE-2014-3738
Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote malicious users to inject arbitrary web script or HTML via the title of a device.
Zenoss Zenoss 4.2.5
1 EDB exploit
NA
CVE-2014-3225
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x up to and including 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
Cobblerd Cobbler 2.6.0
Cobblerd Cobbler 2.4.4
Cobblerd Cobbler 2.4.1
Cobblerd Cobbler 2.4.0
Cobblerd Cobbler 2.4.3
Cobblerd Cobbler 2.4.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2