Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connections vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-36436
OSU Open Source Lab VNCAuthProxy up to and including 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a ...
Osuosl Twisted Vnc Authentication Proxy
1 Github repository
9.8
CVSSv3
CVE-2022-37437
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an...
Splunk Splunk 9.0.0
9.8
CVSSv3
CVE-2022-22282
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and previous versions versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.
Sonicwall Sma 6200 Firmware 12.4.0
Sonicwall Sma 6200 Firmware 12.4.1
Sonicwall Sma 6210 Firmware 12.4.0
Sonicwall Sma 6210 Firmware 12.4.1
Sonicwall Sma 7200 Firmware 12.4.0
Sonicwall Sma 7200 Firmware 12.4.1
Sonicwall Sma 7210 Firmware 12.4.0
Sonicwall Sma 7210 Firmware 12.4.1
Sonicwall Sma 8000v Firmware 12.4.0
Sonicwall Sma 8000v Firmware 12.4.1
9.8
CVSSv3
CVE-2022-26672
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote attacker can use this token to establish connections with the server and carry out login attempts to general user accounts. A successful login to a general user account allows the maliciou...
Asus Webstorage
9.8
CVSSv3
CVE-2022-26651
An issue exists in Asterisk up to and including 19.x and Certified Asterisk up to and including 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL que...
Digium Certified Asterisk 16.8
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2020-22253
Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated malicious users to make arbitrary Telnet connecti...
Xiongmaitech Ahb7008t-mh-v2 Firmware 4.02.r11.7601.nat.onvifc.20170420
Xiongmaitech Ahb7804r-els Firmware 4.02.r11.nat.onvifc.20160422
Xiongmaitech Ahb7804r-mh-v2 Firmware 4.02.r11.7601.nat.onvifc.20170424
Xiongmaitech Ahb7808r-ms-v2 Firmware 4.02.r11.nat.onvifc.20170327
Xiongmaitech Ahb7808r-ms Firmware 4.02.r11.nat.onvifc.20170328
Xiongmaitech Ahb7808t-ms-v2 Firmware 4.02.r11.nat.onvifc.20161205
Xiongmaitech Ahb7804r-lms Firmware 4.02.r11.nat.onvifc.20170301
Xiongmaitech Hi3518e 50h10l S39 Firmware 4.02.r12.nat.onvifs.20170727 All
9.8
CVSSv3
CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A p...
Pjsip Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Github repositories
9.8
CVSSv3
CVE-2021-32980
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. An attacker can connect to the PLC while an existing connection is already active.
Automationdirect C0-10dd1e-d Firmware
Automationdirect C0-10dd2e-d Firmware
Automationdirect C0-10dre-d Firmware
Automationdirect C0-10are-d Firmware
Automationdirect C0-11dd1e-d Firmware
Automationdirect C0-11dd2e-d Firmware
Automationdirect C0-11dre-d Firmware
Automationdirect C0-11are-d Firmware
Automationdirect C0-12dd1e-d Firmware
Automationdirect C0-12dd2e-d Firmware
Automationdirect C0-12dre-d Firmware
Automationdirect C0-12are-d Firmware
Automationdirect C0-12dd1e-1-d Firmware
Automationdirect C0-12dd2e-1-d Firmware
Automationdirect C0-12dre-1-d Firmware
Automationdirect C0-12are-1-d Firmware
Automationdirect C0-12dd1e-2-d Firmware
Automationdirect C0-12dd2e-2-d Firmware
Automationdirect C0-12dre-2-d Firmware
Automationdirect C0-12are-2-d Firmware
9.8
CVSSv3
CVE-2021-32984
All programming connections receive the same unlocked privileges, which can result in a privilege escalation. During the time Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, an attacker can connect to the PLC and...
Automationdirect C0-10dd1e-d Firmware
Automationdirect C0-10dd2e-d Firmware
Automationdirect C0-10dre-d Firmware
Automationdirect C0-10are-d Firmware
Automationdirect C0-11dd1e-d Firmware
Automationdirect C0-11dd2e-d Firmware
Automationdirect C0-11dre-d Firmware
Automationdirect C0-11are-d Firmware
Automationdirect C0-12dd1e-d Firmware
Automationdirect C0-12dd2e-d Firmware
Automationdirect C0-12dre-d Firmware
Automationdirect C0-12are-d Firmware
Automationdirect C0-12dd1e-1-d Firmware
Automationdirect C0-12dd2e-1-d Firmware
Automationdirect C0-12dre-1-d Firmware
Automationdirect C0-12are-1-d Firmware
Automationdirect C0-12dd1e-2-d Firmware
Automationdirect C0-12dd2e-2-d Firmware
Automationdirect C0-12dre-2-d Firmware
Automationdirect C0-12are-2-d Firmware
9.8
CVSSv3
CVE-2021-32986
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed ...
Automationdirect C0-10dd1e-d Firmware
Automationdirect C0-10dd2e-d Firmware
Automationdirect C0-10dre-d Firmware
Automationdirect C0-10are-d Firmware
Automationdirect C0-11dd1e-d Firmware
Automationdirect C0-11dd2e-d Firmware
Automationdirect C0-11dre-d Firmware
Automationdirect C0-11are-d Firmware
Automationdirect C0-12dd1e-d Firmware
Automationdirect C0-12dd2e-d Firmware
Automationdirect C0-12dre-d Firmware
Automationdirect C0-12are-d Firmware
Automationdirect C0-12dd1e-1-d Firmware
Automationdirect C0-12dd2e-1-d Firmware
Automationdirect C0-12dre-1-d Firmware
Automationdirect C0-12are-1-d Firmware
Automationdirect C0-12dd1e-2-d Firmware
Automationdirect C0-12dd2e-2-d Firmware
Automationdirect C0-12dre-2-d Firmware
Automationdirect C0-12are-2-d Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »