Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-35978
An issue exists in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, addin...
Digi Transport Dr64 Firmware
Digi Transport Sr44 Firmware
Digi Transport Vc74 Firmware
Digi Transport Wr11 Firmware
Digi Transport Wr11 Xt Firmware
Digi Transport Wr21 Firmware
Digi Transport Wr31 Firmware
Digi Transport Wr41 Firmware
Digi Transport Wr44 Firmware
10
CVSSv2
CVE-2021-21505
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain ro...
Dell Emc Integrated System For Microsoft Azure Stack Hub Firmware
10
CVSSv2
CVE-2021-27850
A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019...
Apache Tapestry
1 Metasploit module
3 Github repositories
10
CVSSv2
CVE-2019-14482
AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no other SSL certificate is installed, which allows remote malicious users to defe...
Adremsoft Netcrunch
10
CVSSv2
CVE-2020-8481
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5....
Abb 800xa System 5.1
10
CVSSv2
CVE-2019-2294
Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdr...
Qualcomm Mdm9205 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9615 Firmware -
Qualcomm Mdm9625 Firmware -
Qualcomm Mdm9635m Firmware -
Qualcomm Mdm9655 Firmware -
Qualcomm Msm8909w Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Qcs605 Firmware -
Qualcomm Qualcomm 215 Firmware -
Qualcomm Sd 210 Firmware -
Qualcomm Sd 212 Firmware -
Qualcomm Sd 205 Firmware -
Qualcomm Sd 410 Firmware -
Qualcomm Sd 412 Firmware -
Qualcomm Sd 425 Firmware -
Qualcomm Sd 427 Firmware -
Qualcomm Sd 430 Firmware -
Qualcomm Sd 435 Firmware -
Qualcomm Sd 439 Firmware -
Qualcomm Sd 429 Firmware -
2 Articles
10
CVSSv2
CVE-2019-6971
An issue exists on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials.
Tp-link Tl-wr1043nd Firmware 2.0
1 Github repository
10
CVSSv2
CVE-2014-9189
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial o...
Honeywell Experion Process Knowledge System
10
CVSSv2
CVE-2014-10059
In Android prior to 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, SD 210/SD 212/SD 205, SD 400, and SD 800, improper access control on ATCMD service allows third party services to access without user knowledge.
Qualcomm Mdm9615 Firmware -
Qualcomm Mdm9625 Firmware -
Qualcomm Sd 210 Firmware -
Qualcomm Sd 212 Firmware -
Qualcomm Sd 205 Firmware -
Qualcomm Sd 400 Firmware -
Qualcomm Sd 800 Firmware -
10
CVSSv2
CVE-2018-1216
A hard-coded password vulnerability exists in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions b...
Dell Emc Vmax Embedded Management
Dell Emc Solutions Enabler Virtual Appliance
Dell Emc Vasa Virtual Appliance
Dell Emc Unisphere For Vmax Virtual Appliance
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »