Vulmon
image manager vulnerabilities and exploits
5.9
CVSSv3
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 before 2.1.6 and 2.0 before 2.0.15 and 1.12 before 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager ...
Pivotal Software Operations Manager
7.2
CVSSv3
CVE-2017-9279
NetIQ Identity Manager prior to 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.
Netiq Identity Manager
NA
CVE-2007-4344
Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote malicious users to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in o...
Acdsee Photo Manager 9.0
Acdsee Pro Photo Manager 8.1
Acdsee Photo Editor 4.0
NA
CVE-2007-1943
Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.
Acd Systems Acdsee Photo Manager 9.0
1 EDB exploit
5.4
CVSSv3
CVE-2020-14988
An issue exists in Bloomreach Experience Manager (brXM) 4.1.0 up to and including 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML elements, the translations menu via the foldername parameter, the author page vi...
Bloomreach Experience Manager
7
CVSSv3
CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions before 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.
Cyberark Endpoint Privilege Manager
9.8
CVSSv3
CVE-2021-38613
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows malicious users to upload any code to the target system and achieve remote code execution.
Nascent Remkon Device Manager 4.0.0.0
9.8
CVSSv3
CVE-2021-38611
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows malicious users to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
Nascent Remkon Device Manager 4.0.0.0
6.5
CVSSv3
CVE-2021-34638
Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing c...
Wpdownloadmanager Wordpress Download Manager
4.3
CVSSv3
CVE-2022-0634
The ThirstyAffiliates WordPress plugin prior to 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf chec...
Caseproof Thirstyaffiliates Affiliate Link Manager