Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-38336
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.
Netkit Netkit 0.17-24
9.8
CVSSv3
CVE-2023-2003
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote malicious user to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client an...
Unitronicsplc Vision1210 Firmware 4.3
9.8
CVSSv3
CVE-2023-35856
A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet.
Nintendo Mario Kart Wii Rmce01
Nintendo Mario Kart Wii Rmcj01
Nintendo Mario Kart Wii Rmck01
Nintendo Mario Kart Wii Rmcp01
1 Github repository
9.8
CVSSv3
CVE-2023-25539
Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the pr...
Dell Networker
Dell Networker 19.7.1
9.8
CVSSv3
CVE-2023-25953
Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and previous versions allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege...
Worksmobile Drive Explorer
9.8
CVSSv3
CVE-2023-24540
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during exe...
Golang Go
3 Github repositories
9.8
CVSSv3
CVE-2023-31471
An issue exists on GL.iNet devices prior to 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to i...
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
9.8
CVSSv3
CVE-2023-30328
An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows malicious users to bypass authentication via PID re-use.
Mailbutler Shimo 5.0.4
9.8
CVSSv3
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack v...
Strongswan Strongswan 5.9.9
Strongswan Strongswan 5.9.8
9.8
CVSSv3
CVE-2022-45173
An issue exists in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool ...
Liveboxcloud Vdesk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »