Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anonymous vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2022-46332
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
Proofpoint Enterprise Protection
9.6
CVSSv3
CVE-2020-16017
Use after free in site isolation in Google Chrome before 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
9.1
CVSSv3
CVE-2013-5654
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage
Yingzhipython Project Yingzhipython 1.9
9.1
CVSSv3
CVE-2018-16842
Curl versions 7.14.1 up to and including 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
Haxx Curl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.1
CVSSv3
CVE-2012-2926
Atlassian JIRA prior to 5.0.1; Confluence prior to 3.5.16, 4.0 prior to 4.0.7, and 4.1 prior to 4.1.10; FishEye and Crucible prior to 2.5.8, 2.6 prior to 2.6.8, and 2.7 prior to 2.7.12; Bamboo prior to 3.3.4 and 3.4.x prior to 3.4.5; and Crowd prior to 2.0.9, 2.1 prior to 2.1.2, ...
Atlassian Bamboo
Atlassian Confluence
Atlassian Confluence Server
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
1 EDB exploit
8.8
CVSSv3
CVE-2023-5130
A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.
Deltaww Wplsoft 2.42.11
8.8
CVSSv3
CVE-2023-5131
A heap buffer-overflow exists in Delta Electronics ISPSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.
Deltaww Ispsoft 3.02.11
8.8
CVSSv3
CVE-2023-22522
This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly acces...
Atlassian Confluence Server
Atlassian Confluence Data Center 8.7.0
Atlassian Confluence Data Center
8.8
CVSSv3
CVE-2023-42852
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Watchos
Apple Tvos
Apple Safari
Fedoraproject Fedora 37
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-40145
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
Weintek Cmt-fhd Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »