arbitrary vulnerabilities and exploits
9.8
CVSSv3
CVE-2017-7494
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it....
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits available
1 Metasploit module available
73 Github repositories available
7 Articles available
7.8
CVSSv3
CVE-2021-39134
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed...
Npmjs Arborist
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
4.5
CVE-2021-20095
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none...
NA
CVE-2014-0466
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file....
Gnu A2ps 4.14
1 Github repository available
8.8
CVE-2022-32792
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution....
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Watchos
Apple Tvos
7.8
CVSSv3
CVE-2021-36952
Visual Studio Remote Code Execution Vulnerability...
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits available
2 Metasploit modules available
73 Github repositories available
14 Articles available
7.8
CVSSv3
CVE-2017-6827
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file....
Audiofile Audiofile 0.3.6
1 Github repository available
5.5
CVSSv3
CVE-2017-6830
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file....
Audiofile Audiofile 0.3.6
2 Github repositories available
5.2
CVSSv3
CVE-2020-26273
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk....
Linuxfoundation Osquery