Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
NA
CVE-2013-1575
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x prior to 1.6.13 and 1.8.x prior to 1.8.5 does not properly handle a certain alarm length, which allows remote malicious users to cause a denial of service (infini...
Wireshark Wireshark 1.6.4
Wireshark Wireshark 1.6.2
Wireshark Wireshark 1.6.3
Wireshark Wireshark 1.6.10
Wireshark Wireshark 1.6.11
Wireshark Wireshark 1.6.6
Wireshark Wireshark 1.6.7
Wireshark Wireshark 1.6.0
Wireshark Wireshark 1.6.1
Wireshark Wireshark 1.6.8
Wireshark Wireshark 1.6.9
Wireshark Wireshark 1.6.5
Wireshark Wireshark 1.6.12
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.3
Wireshark Wireshark 1.8.4
Wireshark Wireshark 1.8.0
5.3
CVSSv3
CVE-2023-1751
The listed versions of Nexx Smart Home devices use a WebSocket server that does not validate if the bearer token in the Authorization header belongs to the device attempting to associate. This could allow any authorized user to receive alarm information and signals meant for othe...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
9.8
CVSSv3
CVE-2018-10620
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with ...
Aveva Intouch Machine 2017 8.1
Aveva Indusoft Web Studio 8.1
NA
CVE-2008-3777
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obta...
Avaya Sip Enablement Services 5.0
Avaya Communication Manager 5.0
8.8
CVSSv3
CVE-2021-43075
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows malicious user to execute unauthorized code or com...
Fortinet Fortiwlm
NA
CVE-2011-3008
The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allows remote malicious users to obtain sensitive information by leveraging administr...
Avaya Secure Access Link Gateway 1.5
Avaya Secure Access Link Gateway 1.8
Avaya Secure Access Link Gateway 2.0
7.8
CVSSv3
CVE-2020-27030
In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege that allows an app to set or dismiss the alarm with no additional execution privileges needed. User interaction is not needed for e...
Google Android 11.0
2.4
CVSSv3
CVE-2019-5213
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the malicious user to modify the alarm clock setti...
Huawei Honor Play Firmware
NA
CVE-2004-2713
Zone Alarm Pro 1.0 up to and including 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that...
Zonelabs Zonealarm 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »