Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
h00die vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2021-45837
It is possible to execute arbitrary commands as root in Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517) by sending a specifically crafted input to /tos/index.php?app/del.
Terra-master Tos 4.2.15-2107141517
1 Metasploit module
1000
VMScore
CVE-2020-35665
An unauthenticated command-execution vulnerability exists in TerraMaster TOS up to and including 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.
Terra-master Terramaster Operating System
1 Metasploit module
1000
VMScore
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 Metasploit module
1000
VMScore
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
Optergy Proton
Optergy Enterprise
1 EDB exploit
1 Metasploit module
1 Github repository
1000
VMScore
CVE-2017-12478
It exists that the api/storage web interface in Unitrends Backup (UB) prior to 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the targ...
Kaseya Unitrends Backup
3 EDB exploits
940
VMScore
CVE-2018-1335
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to ...
Apache Tika
2 EDB exploits
1 Github repository
895
VMScore
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
16 Github repositories
835
VMScore
CVE-2017-7921
An Improper Authentication issue exists in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 buil...
Hikvision Ds-2cd2032-i Firmware -
Hikvision Ds-2cd2112-i Firmware -
Hikvision Ds-2cd2132-i Firmware -
Hikvision Ds-2cd2212-i5 Firmware -
Hikvision Ds-2cd2232-i5 Firmware -
Hikvision Ds-2cd2312-i Firmware -
Hikvision Ds-2cd2332-i Firmware -
Hikvision Ds-2cd2412f-i(w) Firmware -
Hikvision Ds-2cd2432f-i(w) Firmware -
Hikvision Ds-2cd2512f-i(s) Firmware -
Hikvision Ds-2cd2532f-i(s) Firmware -
Hikvision Ds-2cd2612f-i(s) Firmware -
Hikvision Ds-2cd2632f-i(s) Firmware -
Hikvision Ds-2cd2712f-i(s) Firmware -
Hikvision Ds-2cd2732f-i(s) Firmware -
Hikvision Ds-2cd2t32-i3 Firmware -
Hikvision Ds-2cd2t32-i5 Firmware -
Hikvision Ds-2cd2t32-i8 Firmware -
Hikvision Ds-2cd4012f-(a) Firmware -
Hikvision Ds-2cd4012f-(p) Firmware -
Hikvision Ds-2cd4012f-(w) Firmware -
Hikvision Ds-2cd4012fwd-(a) Firmware -
2 Metasploit modules
17 Github repositories
802
VMScore
CVE-2020-11108
The Gravity updater in Pi-hole up to and including 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data...
Pi-hole Pi-hole
2 Github repositories
791
VMScore
CVE-2021-44529
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
Ivanti Endpoint Manager Cloud Services Appliance
Ivanti Endpoint Manager Cloud Services Appliance 4.6
1 Metasploit module
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »