Vulmon
sam vulnerabilities and exploits
8.1
CVSSv3
CVE-2021-46416
Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.
Sma Sunny Tripower Firmware 3.10.16.r
NA
CVE-2018-6044
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16064. Reason: This candidate is a reservation duplicate of CVE-2018-16064. Notes: All CVE users should reference CVE-2018-16064 instead of this candidate. All references and descriptions in this candidate ha...
NA
CVE-2021-37357
Online Course Registration version 1.0 suffers from a blind boolean-based remote SQL injection vulnerability.
7.3
CVSSv3
CVE-2021-31845
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover before 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover sca...
Mcafee Data Loss Prevention Discover
7.3
CVSSv3
CVE-2021-31844
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a local malicious user to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggeri...
Mcafee Data Loss Prevention Endpoint
7.8
CVSSv3
CVE-2021-36934
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code wi...
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
38 Github repositories
3 Articles
8.8
CVSSv3
CVE-2020-2180
Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Amazon Web Services Serverless Application Model
7.5
CVSSv3
CVE-2019-7751
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP prior to 10.0 allows a remote malicious user to list or enumerate sensitive contents of files. Furthermore, this could allow ...
Ricoh Fusionpro Vdp
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2019-11029
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous a...
Mirasys Mirasys Vms
7.7
CVSSv3
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x prior to 11.3.11, 11.4 prior to 11.4.8, and 11.5 prior to 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
Gitlab Gitlab
6 Github repositories