Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
james fitts vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-6020
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.
Lcds Laquis Scada
1 EDB exploit
7.5
CVSSv3
CVE-2017-5177
A Stack Buffer Overflow issue exists in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution.
Vipa Controls Winplc7 Firmware
1 EDB exploit
8
CVSSv3
CVE-2016-8377
An issue exists in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Ha...
Fatek Plc Winproladder Firmware 3.11
1 EDB exploit
7
CVSSv3
CVE-2016-9351
An issue exists in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an malicious user to upload and unpack a zip file.
Advantech Susiaccess
1 EDB exploit
7.5
CVSSv3
CVE-2016-9349
An issue exists in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
Advantech Susiaccess
2 EDB exploits
1 Github repository
NA
CVE-2015-7901
Infinite Automation Mango Automation 2.5.x and 2.6.x up to and including 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Infinite Automation Systems Mango Automation 2.5.0
Infinite Automation Systems Mango Automation 2.5.5
Infinite Automation Systems Mango Automation 2.6.0
2 EDB exploits
NA
CVE-2014-5210
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.3
Alienvault Open Source Security Information Management 4.2.2
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management 3.1.12
Alienvault Open Source Security Information Management 2.1.2
Alienvault Open Source Security Information Management 1.0.6
Alienvault Open Source Security Information Management 4.1.3
Alienvault Open Source Security Information Management 4.1.2
Alienvault Open Source Security Information Management 4.1
Alienvault Open Source Security Information Management 4.0.4
Alienvault Open Source Security Information Management 4.0.3
Alienvault Open Source Security Information Management 1.0.4
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management 4.3.2
Alienvault Open Source Security Information Management 4.3.1
Alienvault Open Source Security Information Management 3.1
Alienvault Open Source Security Information Management 2.1.5-3
Alienvault Open Source Security Information Management 2.1.5-2
Alienvault Open Source Security Information Management 2.1.5-1
1 EDB exploit
NA
CVE-2014-4153
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to read arbitrary files via a crafted get_file request.
Alienvault Open Source Security Information Management 4.6
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 4.6.1
1 EDB exploit
NA
CVE-2014-3805
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3) update_system/upgrade_pro_web request, a different vulnerability than CVE-2014-3804.
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 4.6
Alienvault Open Source Security Information Management 4.1.2
Alienvault Open Source Security Information Management 4.1.3
Alienvault Open Source Security Information Management 4.2
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management 4.0.3
Alienvault Open Source Security Information Management 4.3
Alienvault Open Source Security Information Management 4.3.1
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management 4.0.4
Alienvault Open Source Security Information Management 4.1
Alienvault Open Source Security Information Management 4.3.2
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.2.2
Alienvault Open Source Security Information Management 4.2.3
2 EDB exploits
NA
CVE-2014-3804
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup framework_ip requ...
Alienvault Open Source Security Information Management 4.6
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.2
Alienvault Open Source Security Information Management 4.2.2
Alienvault Open Source Security Information Management 4.0.4
Alienvault Open Source Security Information Management 4.1
Alienvault Open Source Security Information Management 4.3.1
Alienvault Open Source Security Information Management 4.3.2
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 4.1.2
Alienvault Open Source Security Information Management 4.1.3
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management 4.0.3
Alienvault Open Source Security Information Management 4.2.3
Alienvault Open Source Security Information Management 4.3
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »