Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
arbitrary vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-39134
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed...
Npmjs Arborist
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
1 Article available
4.5
CVE-2021-20095
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none....
1 Github repository available
NA
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file....
Gnu A2ps 4.14
1 Github repository available
9.8
CVSSv3
CVE-2017-7494
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it....
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits available
1 Metasploit module available
68 Github repositories available
12 Articles available
7.8
CVSSv3
CVE-2021-36952
Visual Studio Remote Code Execution Vulnerability...
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
8.8
CVE-2022-32792
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution....
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Watchos
Apple Tvos
1 Github repository available
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits available
2 Metasploit modules available
73 Github repositories available
14 Articles available
5.2
CVSSv3
CVE-2020-26273
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk....
Linuxfoundation Osquery
7.8
CVSSv3
CVE-2017-6827
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file....
Audiofile Audiofile 0.3.6
1 Github repository available
5.5
CVSSv3
CVE-2017-6830
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file....
Audiofile Audiofile 0.3.6
2 Github repositories available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-41831
arbitrary code
LFI
CVE-2023-1536
CVE-2023-0175
XML external entity
CVE-2023-1515
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »