Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.
Napc Xinet Elegant 6 Asset Library 6.1.655
9.8
CVSSv3
CVE-2019-13577
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987.
Computerlab Maple Computer Wbt Snmp Administrator 2.0.195.15
9.8
CVSSv3
CVE-2018-11741
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
Nec Univerge Sv9100 Webpro Firmware 6.00.00
9.8
CVSSv3
CVE-2018-11742
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
Nec Univerge Sv9100 Webpro Firmware 6.00.00
9.8
CVSSv3
CVE-2018-7756
RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote malicious users to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE fil...
Dewesoft Dewesoft X3
1 EDB exploit
9.8
CVSSv3
CVE-2018-6892
An issue exists in CloudMe prior to 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling ...
Cloudme Sync
4 EDB exploits
4 Github repositories
9.8
CVSSv3
CVE-2017-14089
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-12965
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote malicious users to hijack web sessions via the PHPSESSID parameter.
Apache2triad Apache2triad 1.5.4
1 EDB exploit
9.8
CVSSv3
CVE-2015-7346
SQL injection vulnerability in ZCMS 1.1.
Zcms Project Zcms 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2017-7237
The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote malicious users to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated b...
Spiceworks Spiceworks 7.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »