Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securiteam vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2017-2796
Nitro Pro PDF - Multiple Vulnerabilities
1 EDB exploit
9.8
CVSSv3
CVE-2017-11502
Technicolor DPC3928AD DOCSIS devices allow remote malicious users to read arbitrary files via a request starting with "GET /../" on TCP port 4321.
Cisco Dpc3928ad Docsis Wireless Router Firmware -
1 EDB exploit
9.8
CVSSv3
CVE-2017-11471
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
7.5
CVSSv3
CVE-2017-11469
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
9.8
CVSSv3
CVE-2017-11470
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
Idera Uptime Infrastructure Monitor 7.8
1 EDB exploit
9.8
CVSSv3
CVE-2017-11467
OrientDB up to and including 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote malicious users to execute arbitrary OS commands via a crafted request.
Orientdb Orientdb
1 EDB exploit
2 Github repositories
7.5
CVSSv3
CVE-2017-11456
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Geneko Gwr352 3g Router Firmware -
Geneko Gwr352wv Wide Voltage 3g Router Firmware -
Geneko Gwr252 Edge Router Firmware -
Geneko Gwr202 Gprs Router Firmware -
1 EDB exploit
5.5
CVSSv3
CVE-2017-7950
Nitro Pro 11.0.3 and previous versions allows remote malicious users to cause a denial of service (application crash) via a crafted PCX file.
Gonitro Nitro Pro
1 EDB exploit
6.5
CVSSv3
CVE-2017-10803
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used.
Odoo Odoo 10.0
Odoo Odoo 9.0
Odoo Odoo 8.0
1 EDB exploit
NA
CVE-2017-12854
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »