Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w. schober vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-0461
A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote malicious user to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the software running on an affected device insufficiently valid...
Cisco Ip Phone 8800 Series Firmware 12.5\\(1\\)
8.6
CVSSv3
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.
Saltosystem Proaccess Space
7.8
CVSSv3
CVE-2017-3210
Applications developed using the Portrait Display SDK, versions 2.30 up to and including 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. T...
Portrait Portrait Display Sdk
Fujitsu Displayview Click 6.0
Fujitsu Displayview Click Suite 5.0
Fujitsu Displayview Click 6.01
Hp Display Assistant 2.1
Hp My Display 2.0
Philips Smart Control Premium 2.25
Philips Smart Control Premium 2.23
5.4
CVSSv3
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS.
Saltosystem Proaccess Space
9.8
CVSSv3
CVE-2019-19459
An issue exists in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an malicious user to execute arbitrary commands o...
Saltosystem Proaccess Space
5.5
CVSSv3
CVE-2019-19460
An issue exists in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically ab...
Saltosystem Proaccess Space
5.4
CVSSv3
CVE-2018-8716
WSO2 Identity Server prior to 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers.
Wso2 Identity Server
1 EDB exploit
7.3
CVSSv3
CVE-2022-22521
In Miele Benchmark Programming Tool with versions before 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. An attacker with low privileges may trick a user with administrative privileges to execute these binaries as admin.
Miele Benchmark Programming Tool
6.1
CVSSv3
CVE-2018-5306
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 3.x prior to 3.8 allow remote malicious users to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/...
Sonatype Nexus Repository Manager
6.1
CVSSv3
CVE-2018-5307
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 2.x prior to 2.14.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDeta...
Sonatype Nexus Repository Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started