Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-15649
net/packet/af_packet.c in the Linux kernel prior to 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-fre...
Linux Linux Kernel
1 EDB exploit
9.8
CVSSv3
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) up to and including 11.8.0.27 allows remote malicious users to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
Trustwave Secure Web Gateway
1 EDB exploit
NA
CVE-2004-0295
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote malicious users to cause a denial of service (CPU consumption) via an open idle connection.
Transsoft Broker Ftp Server 6.1 .0.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-11467
OrientDB up to and including 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote malicious users to execute arbitrary OS commands via a crafted request.
Orientdb Orientdb
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2017-11471
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
7.3
CVSSv3
CVE-2017-11657
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
Dashlane Dashlane -
1 EDB exploit
NA
CVE-2017-12854
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
1 EDB exploit
7.5
CVSSv3
CVE-2017-13068
QNAP has already patched this vulnerability. This security concern allows a remote malicious user to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.
Qnap Qts Helpdesk
1 EDB exploit
8.8
CVSSv3
CVE-2017-16352
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify co...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
6.5
CVSSv3
CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the I...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »