Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2011-2591
Multiple buffer overflows in the Provideo ActiveX controls allow remote malicious users to execute arbitrary code via crafted input fields, as demonstrated by (1) a long strIp argument to the voice method in 2way.dll in the alarm 1.0.3.1 ActiveX control, (2) a network response to...
Provideo Paxplayer Activex Control 3.0.0.9
Provideo Gmax Activex Control 2.0.8.2
Provideo Alarm Activex Control 3.0.0.9
5.8
CVSSv2
CVE-2015-7285
CSL DualCom GPRS CS2300-R devices with firmware 1.25 up to and including 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle malicious users to bypass intended access restrictions via a spoofed HSxx response.
Csl Dualcom Gprs Cs2300-r Firmware 1.25
Csl Dualcom Gprs Cs2300-r Firmware 3.53
1 Article
6.4
CVSSv2
CVE-2015-7286
CSL DualCom GPRS CS2300-R devices with firmware 1.25 up to and including 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote malicious users to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol...
Csl Dualcom Gprs Cs2300-r Firmware 1.25
Csl Dualcom Gprs Cs2300-r Firmware 3.53
1 Article
7.5
CVSSv2
CVE-2015-7287
CSL DualCom GPRS CS2300-R devices with firmware 1.25 up to and including 3.53 use the same 001984 default PIN across different customers' installations, which allows remote malicious users to execute commands by leveraging knowledge of this PIN and including it in an SMS mes...
Csl Dualcom Gprs Cs2300-r Firmware 1.25
Csl Dualcom Gprs Cs2300-r Firmware 3.53
1 Article
4.3
CVSSv2
CVE-2015-7288
CSL DualCom GPRS CS2300-R devices with firmware 1.25 up to and including 3.53 allow remote malicious users to modify the configuration via a command in an SMS message, as demonstrated by a "4 2" command.
Csl Dualcom Gprs Cs2300-r Firmware 3.53
Csl Dualcom Gprs Cs2300-r Firmware 1.25
1 Article
7.5
CVSSv2
CVE-2005-3560
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 up to and including 6.1, and (5) ZoneAlarm 6.0 allow remote malicious users to bypass the "Advanced Program Control and OS Firewall filter...
Zonelabs Zonealarm 6.0
Zonelabs Zonealarm Anti-spyware 6.1
Zonelabs Zonealarm Antivirus 6.0
Zonelabs Zonealarm Anti-spyware 6.0
Zonelabs Zonealarm Security Suite 6.0
1 EDB exploit
NA
CVE-2022-22221
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that...
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
1 Article
NA
CVE-2022-29952
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) sof...
Bakerhughes Bently Nevada 3701\\/40 Firmware
Bakerhughes Bently Nevada 3701\\/44 Firmware
Bakerhughes Bently Nevada 3701\\/46 Firmware
Bakerhughes Bently Nevada 60m100 Firmware -
1 Article
NA
CVE-2022-29953
The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality.
Bakerhughes Bently Nevada 3701\\/40 Firmware
Bakerhughes Bently Nevada 3701\\/44 Firmware
Bakerhughes Bently Nevada 3701\\/46 Firmware
Bakerhughes Bently Nevada 60m100 Firmware -
1 Article
NA
CVE-2022-29957
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk servic...
Emerson Deltav Distributed Control System
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »