Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anonymous vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-8818
curl and libcurl prior to 7.57.0 on 32-bit platforms allow malicious users to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
Haxx Curl 7.56.1
Haxx Libcurl 7.56.0
Haxx Libcurl 7.56.1
Haxx Curl 7.56.0
9.8
CVSSv3
CVE-2017-12065
spikekill.php in Cacti prior to 1.1.16 might allow remote malicious users to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
Cacti Cacti
9.8
CVSSv3
CVE-2017-10807
JabberD 2.x (aka jabberd2) prior to 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
Jabberd2 Jabberd2
9.8
CVSSv3
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
123 Github repositories
3 Articles
9.8
CVSSv3
CVE-2017-5173
An Improper Neutralization of Special Elements (in an OS command) issue exists in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker...
Geutebrueck Ip Camera G-cam Efd-2250 Firmware 1.11.0.12
1 EDB exploit
9.8
CVSSv3
CVE-2017-5174
An Authentication Bypass issue exists in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow malicious users to bypass the access control that may allow remote code ex...
Geutebruck Ip Camera G-cam Efd-2250 Firmware 1.11.0.12
1 EDB exploit
9.8
CVSSv3
CVE-2017-8799
Untrusted input execution via igetwild in all iRODS versions prior to 4.1.11 and 4.2.1 allows other iRODS users (potentially anonymous) to execute remote shell commands via iRODS virtual pathnames. To exploit this vulnerability, a virtual iRODS pathname that includes a semicolon ...
Irods Irods
Irods Irods 4.2.0
9.8
CVSSv3
CVE-2015-2874
Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware prior to 3.4.1.105 have a default password of root for the root account, which allows remote malicious users to obtain administrative access via a...
Seagate Wireless Plus Mobile Storage
Seagate Wireless Mobile Storage
Lacie Lac9000464u Firmware
Lacie Lac9000436u Firmware
Seagate Goflex Sattelite
9.8
CVSSv3
CVE-2004-0847
The Microsoft .NET forms authentication capability for ASP.NET allows remote malicious users to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Vali...
Microsoft Asp.net 1.1
Microsoft Asp.net
1 EDB exploit
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »