Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
desktop server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-15588
An issue exists in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SY...
Zohocorp Manageengine Desktop Central
1 Github repository
9.8
CVSSv3
CVE-2020-3161
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote malicious user to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of prop...
Cisco Ip Phone 8865 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8865 Firmware 11.0\\(1\\)
Cisco Ip Phone 8865 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 8851 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8851 Firmware 11.0\\(1\\)
Cisco Ip Phone 8851 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 7841 Firmware 11.0\\(1\\)
Cisco Ip Phone 7821 Firmware 11.0\\(1\\)
Cisco Ip Phone 8811 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8811 Firmware 11.0\\(1\\)
Cisco Ip Phone 8811 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 8861 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8861 Firmware 11.0\\(1\\)
Cisco Ip Phone 8861 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 8845 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8845 Firmware 11.0\\(1\\)
Cisco Ip Phone 8845 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 7861 Firmware 11.0\\(1\\)
Cisco Ip Phone 8841 Firmware 10.3\\(1\\)es14
Cisco Ip Phone 8841 Firmware 11.0\\(1\\)
Cisco Ip Phone 8841 Firmware 11.0\\(5\\)sr1
Cisco Ip Phone 7811 Firmware 11.0\\(1\\)
1 Github repository
9.8
CVSSv3
CVE-2020-8540
An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
Zohocorp Manageengine Desktop Central
9.8
CVSSv3
CVE-2019-15605
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
Nodejs Node.js
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Opensuse Leap 15.1
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
9.8
CVSSv3
CVE-2020-0609
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution V...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
7 Github repositories
4 Articles
9.8
CVSSv3
CVE-2020-0610
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution V...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
6 Github repositories
4 Articles
9.8
CVSSv3
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Horizon Daas
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Openslp Openslp 1.2.1
Openslp Openslp 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
9.8
CVSSv3
CVE-2019-14813
A flaw was found in ghostscript, versions 9.x prior to 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex Ghostscript
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Openshift Container Platform 4.1
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
9.8
CVSSv3
CVE-2019-1181
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote De...
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 1803
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2019 -
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows 10 1903
Microsoft Windows Server 2012 -
Microsoft Windows Server 2016 -
3 Articles
9.8
CVSSv3
CVE-2019-1182
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote De...
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2016 -
3 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »