Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
falcon vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-27523
An issue exists in open-falcon dashboard version 0.2.0, allows remote malicious users to gain, modify, and delete sensitive information via crafted POST request to register interface.
Open-falcon Dashboard 0.2.0
7.8
CVSSv3
CVE-2023-32547
Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access.
Topconpositioning Mavinci Desktop
1 Article
5.3
CVSSv3
CVE-2023-38697
protocol-http1 provides a low-level implementation of the HTTP/1 protocol. RFC 9112 Section 7.1 defined the format of chunk size, chunk data and chunk extension. The value of Content-Length header should be a string of 0-9 digits, the chunk size should be a string of hex digits a...
Socketry Protocol-http1
NA
CVE-2022-44721
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2841. Reason: This issue was MERGED into CVE-2022-2841 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should referen...
1 Github repository
2.7
CVSSv3
CVE-2022-2841
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806. It has been classified as problematic. Affected is an unknown function of the component Uninstallation Handler. The manipulation leads to missing authorization. It is possible to launch the attack...
Crowdstrike Falcon 6.42.15610
Crowdstrike Falcon 6.31.14505.0
Crowdstrike Falcon 6.44.15806
1 Github repository
9.8
CVSSv3
CVE-2022-26245
Falcon-plus v0.3 exists to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go.
Open-falcon Falcon-plus 0.3
7.8
CVSSv3
CVE-2020-12330
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Falcon 8\\+ Uas Asctec Thermal Viewer Firmware -
9.8
CVSSv3
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2013-2568
A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »