Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firmware vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2015-3961
The web-server component in MNS prior to 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL.
Garrettcom Magnum 6k Firmware
Garrettcom Magnum 10k Firmware
6.5
CVSSv2
CVE-2015-6486
SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Rockwellautomation Micrologix 1400 Firmware
Rockwellautomation Micrologix 1100 Firmware
4.3
CVSSv2
CVE-2015-6488
Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Rockwellautomation Micrologix 1100 Firmware
Rockwellautomation Micrologix 1400 Firmware
10
CVSSv2
CVE-2015-6490
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote malicious users to execute arbitrary code via unspecified vectors.
Rockwellautomation Micrologix 1100 Firmware
Rockwellautomation Micrologix 1400 Firmware
4
CVSSv2
CVE-2015-6491
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors.
Rockwellautomation Micrologix 1400 Firmware
Rockwellautomation Micrologix 1100 Firmware
7.8
CVSSv2
CVE-2015-6492
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote malicious users to cause a denial of service (memory corruption and device crash) via a crafted HTTP request.
Rockwellautomation Micrologix 1400 Firmware
Rockwellautomation Micrologix 1100 Firmware
10
CVSSv2
CVE-2016-1984
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices prior to 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote malicious users to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015...
Harman Amx Firmware 1.3.100
Harman Amx Firmware 1.2.322
4.3
CVSSv2
CVE-2021-21580
Dell EMC iDRAC8 versions before 2.80.80.80 & Dell EMC iDRAC9 versions before 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message i...
Dell Emc Idrac8 Firmware
Dell Emc Idrac9 Firmware
6.8
CVSSv2
CVE-2019-13533
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.
Omron Plc Cj Firmware
Omron Plc Cs Firmware
6.5
CVSSv2
CVE-2021-36301
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.
Dell Emc Idrac8 Firmware
Dell Emc Idrac9 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »