Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyst vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2020-4723
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local malicious user to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on th...
Ibm I2 Analysts Notebook 9.2.0
Ibm I2 Analysts Notebook 9.2.1
890
VMScore
CVE-2011-5322
GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in the Webmin interface, which...
Gehealthcare Centricity Analytics Server 1.1
NA
CVE-2023-1097
Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated b...
Baicells Eg7035-m11 Firmware
NA
CVE-2023-0776
Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. Th...
Baicells Neutrino 430 Firmware
Baicells Nova430l Firmware
Baicells Nova430e Firmware
Baicells Nova436q Firmware
NA
CVE-2023-24508
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The ...
Baicells Rtd Firmware
Baicells Rts Firmware
NA
CVE-2024-22876
StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case attachment functionality which enables an malicious user to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive applicat...
Strangebee Thehive
801
VMScore
CVE-2020-9408
The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author&...
Tibco Spotfire Analytics Platform For Aws
Tibco Spotfire Server
Tibco Spotfire Server 7.12.0
Tibco Spotfire Server 7.13.0
Tibco Spotfire Server 7.14.0
Tibco Spotfire Server 10.0.0
Tibco Spotfire Server 10.0.1
Tibco Spotfire Server 10.1.0
Tibco Spotfire Server 10.2.0
Tibco Spotfire Server 10.3.0
Tibco Spotfire Server 10.3.1
Tibco Spotfire Server 10.3.2
Tibco Spotfire Server 10.3.3
Tibco Spotfire Server 10.3.4
Tibco Spotfire Server 10.3.5
Tibco Spotfire Server 10.3.6
Tibco Spotfire Server 10.4.0
Tibco Spotfire Server 10.5.0
Tibco Spotfire Server 10.6.0
Tibco Spotfire Server 10.6.1
Tibco Spotfire Server 10.7.0
Tibco Spotfire Server 10.8.0
1 Github repository
NA
CVE-2023-0242
Rapid7 Velociraptor allows users to be created with different privileges on the server. Administrators are generally allowed to run any command on the server including writing arbitrary files. However, lower privilege users are generally forbidden from writing or modifying files ...
Rapid7 Velociraptor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4