Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-46161
pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running ...
Pdfmake Project Pdfmake
9.8
CVSSv3
CVE-2022-32221
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This f...
Haxx Curl
Netapp Clustered Data Ontap -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
9.8
CVSSv3
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a...
Cacti Cacti
1 Metasploit module
42 Github repositories
9.8
CVSSv3
CVE-2022-3320
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on ...
Cloudflare Warp
9.8
CVSSv3
CVE-2022-38983
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
Huawei Harmonyos 2.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Harmonyos 2.1
9.8
CVSSv3
CVE-2022-37026
In Erlang/OTP prior to 23.3.4.15, 24.x prior to 24.3.4.2, and 25.x prior to 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.
Erlang Erlang\\/otp
9.8
CVSSv3
CVE-2022-3218
Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution.
Necta Wifi Mouse Server 1.7.8.5
9.8
CVSSv3
CVE-2022-34831
An issue exists in Keyfactor PrimeKey EJBCA prior to 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization. During the ACME enrollment process, an order is submitted containing an identifie...
Primekey Ejbca
9.8
CVSSv3
CVE-2022-39135
Apache Calcite 1.22.0 introduced the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity (XXE) attack. Therefore any client exposin...
Apache Calcite
9.8
CVSSv3
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callb...
Systemd Project Systemd 240
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »