Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2016-1525
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and previous versions allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
Netgear Prosafe Network Management Software 300 1.5.0.11
2 EDB exploits
1 Article
4.3
CVSSv3
CVE-2023-39418
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 12.0
9.6
CVSSv3
CVE-2016-1524
Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and previous versions allow remote malicious users to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then a...
Netgear Prosafe Network Management Software 300
1 EDB exploit
1 Article
8.8
CVSSv3
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2014-8146
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) prior to 55.1 does not properly track directionally isolated pieces of text, which allows remote malicious users to ca...
Apple Iphone Os
Apple Watchos
Apple Itunes
Apple Mac Os X
Icu-project International Components For Unicode
1 EDB exploit
NA
CVE-2014-8147
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) prior to 55.1 uses an integer data type that is inconsistent with a header file, which allows remote malicious users t...
Apple Watchos
Apple Mac Os X
Icu-project International Components For Unicode
1 EDB exploit
4.3
CVSSv3
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type de...
Postgresql Postgresql 16.0
Postgresql Postgresql
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Arm 64 8.0
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64
Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390x
Redhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder Eus 9.2
4.4
CVSSv3
CVE-2023-5870
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background...
Postgresql Postgresql 16.0
Postgresql Postgresql
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Arm 64 8.0
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64
Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390x
Redhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder Eus 9.2
8.8
CVSSv3
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overfl...
Postgresql Postgresql 16.0
Postgresql Postgresql
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Arm 64 8.0
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
9.8
CVSSv3
CVE-2016-5674
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 up to and including 3.0.0, NUUO NVRsolo 1.7.5 up to and including 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 up to and including 1.4.1 allows remote malicious users to execute arbitrary PHP code via the log parameter.
Netgear Readynas Surveillance 1.4.2
Netgear Readynas Surveillance 1.4.1
Netgear Readynas Surveillance 1.1.1
Netgear Readynas Surveillance 1.1.2
Netgear Readynas Surveillance 1.3.2.14
Netgear Readynas Surveillance 1.2.0.4
Netgear Readynas Surveillance 1.3.2.4
Netgear Readynas Surveillance 1.4.0
Nuuo Nvrmini 2 3.0.0
Nuuo Nvrmini 2 2.2.1
Nuuo Nvrmini 2 2.0.0
Nuuo Nvrmini 2 1.7.6
Nuuo Nvrmini 2 1.7.5
Nuuo Nvrsolo 2.3.9.6
Nuuo Nvrsolo 2.3.7.10
Nuuo Nvrsolo 2.0.0
Nuuo Nvrsolo 1.75
Nuuo Nvrsolo 3.0.0
Nuuo Nvrsolo 2.1.5
Nuuo Nvrsolo 2.0.1
Nuuo Nvrsolo 2.3.7.9
Nuuo Nvrsolo 2.3.1.20
1 EDB exploit
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »