Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-6805
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in a GET command.
Mobatek Mobaxterm 9.4
1 EDB exploit
7.8
CVSSv3
CVE-2018-17980
NoMachine prior to 5.3.27 and 6.x prior to 6.3.6 allows malicious users to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and th...
Nomachine Nomachine
1 EDB exploit
7.5
CVSSv3
CVE-2017-9024
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing malicious users to read arbitrary files via ../ sequences in a pathname.
Secure-bytes Secure Cisco Auditor 3.0
1 EDB exploit
5.5
CVSSv3
CVE-2018-4863
Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.
Sophos Endpoint Protection 10.7
1 EDB exploit
5.4
CVSSv3
CVE-2016-3652
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
8.8
CVSSv3
CVE-2016-4311
Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote malicious users to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request.
Wso2 Identity Server 5.1.0
1 EDB exploit
7.8
CVSSv3
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote malicious users to execute arbitrary files via a .. (dot dot) in an archive file.
Extplorer Extplorer 2.1.9
1 EDB exploit
9.8
CVSSv3
CVE-2017-12965
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote malicious users to hijack web sessions via the PHPSESSID parameter.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
8.8
CVSSv3
CVE-2017-12969
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center prior to 10.1.1 allows remote malicious users to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.
Avaya Ip Office Contact Center 9.1.0
Avaya Ip Office Contact Center 9.1.0.2209.1540
Avaya Ip Office Contact Center 9.1.6
Avaya Ip Office Contact Center 9.1.7
Avaya Ip Office Contact Center 9.1.8
Avaya Ip Office Contact Center 9.1.9
Avaya Ip Office Contact Center 9.1
Avaya Ip Office Contact Center 10.0
Avaya Ip Office Contact Center 10.0.0.3-8600.1705
Avaya Ip Office Contact Center 10.1
1 EDB exploit
8.8
CVSSv3
CVE-2017-12970
Cross-site request forgery (CSRF) vulnerability in Apache2Triad 1.5.4 allows remote malicious users to hijack the authentication of authenticated users for requests that (1) add or (2) delete user accounts via a request to phpsftpd/users.php.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »