Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx.altervista.org vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-6857
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.
Taskautomation Carbonftp 1.4
NA
CVE-2024-25734
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote malicious users to enumerate user accounts.
NA
CVE-2024-25735
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.
1 Github repository
NA
CVE-2024-25736
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.
NA
CVE-2024-22318
IBM i Access Client Solutions (ACS) 1.1.2 up to and including 1.1.4 and 1.1.4.3 up to and including 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is en...
Ibm I Access Client Solutions
4.6
CVSSv2
CVE-2019-18895
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file.
Scanguard Scanguard Antivirus
7.2
CVSSv2
CVE-2019-18915
A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local malicious user to execute arbitrary code via an HP System Event Utility system service.
Hp System Event Utility
7.2
CVSSv2
CVE-2019-19697
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an malicious user to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker m...
Trendmicro Antivirus \\+ Security 2019 15.0
Trendmicro Internet Security 2019 15.0
Trendmicro Maximum Security 2019 15.0
Trendmicro Premium Security 2019 15.0
3.5
CVSSv2
CVE-2018-15516
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote malicious users to conduct a PORT command bounce scan via port 8000, resulting in SSRF.
Dlink Central Wifimanager 1.03
5.8
CVSSv2
CVE-2016-3378
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via ...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »