Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
call manager vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-24969
The WordPress Download Manager WordPress plugin prior to 3.2.22 does not sanitise and escape Template data before outputting it in various pages (such as admin dashboard and frontend). Due to the lack of authorisation and CSRF checks in the wpdm_save_template AJAX action, any aut...
Wpdownloadmanager Wordpress Download Manager
7.8
CVSSv3
CVE-2015-5466
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call.
Sis Xgi Vga Display Manager 6.14.10.1090
1 EDB exploit
NA
CVE-2015-5465
Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager) 6.14.10.3930 allows local users to gain privileges via a crafted (1) 0x96002400 or (2) 0x96002404 IOCTL call.
Sis Windows Vga Display Manager 6.14.10.3930
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2020-10051
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is not quoted. This could allow a local malicious user to inject arbitrary comma...
Siemens Simatic Rtls Locating Manager
9.8
CVSSv3
CVE-2017-16608
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper ...
Netgain-systems Enterprise Manager
7.5
CVSSv3
CVE-2022-43932
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows remote malicious users to read arbitrary files via unspecifie...
Synology Router Manager
8.8
CVSSv3
CVE-2023-41738
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) prior to 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecif...
Synology Router Manager
5.4
CVSSv3
CVE-2022-2839
The Zephyr Project Manager WordPress plugin prior to 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it coul...
Zephyr-one Zephyr Project Manager
NA
CVE-2010-1961
Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote malicious users to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.
Hp Openview Network Node Manager 7.53
Hp Openview Network Node Manager 7.51
1 EDB exploit
8.1
CVSSv3
CVE-2023-32955
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle malicious users to execute arbitrary co...
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »