Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyp3rlinx.altervista.org vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-7756
RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote malicious users to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE fil...
Dewesoft Dewesoft X3
1 EDB exploit
10
CVSSv2
CVE-2016-7866
Adobe Animate versions 15.2.1.95 and previous versions have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Animate
1 EDB exploit
9.3
CVSSv2
CVE-2018-6461
March Hare WINCVS prior to 2.8.01 build 6610, and CVS Suite prior to 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the curren...
March-hare Wincvs
9
CVSSv2
CVE-2017-3006
Adobe Thor versions 3.9.5.353 and previous versions have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
Adobe Creative Cloud
1 EDB exploit
8.5
CVSSv2
CVE-2017-17055
Artica Web Proxy prior to 3.06.112911 allows remote malicious users to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
Articatech Artica Proxy
1 EDB exploit
7.8
CVSSv2
CVE-2017-14086
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to b...
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
7.6
CVSSv2
CVE-2016-4309
Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote malicious users to hijack web sessions via the PHPSESSID parameter.
Getsymphony Symphony 2.6.7
1 EDB exploit
7.5
CVSSv2
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.
Napc Xinet Elegant 6 Asset Library 6.1.655
7.5
CVSSv2
CVE-2019-13577
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987.
Computerlab Maple Computer Wbt Snmp Administrator 2.0.195.15
7.5
CVSSv2
CVE-2018-6892
An issue exists in CloudMe prior to 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling ...
Cloudme Sync
4 EDB exploits
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »