Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
locator vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-7526
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access information in the application without authenticating.
Beaconmedaes Scroll Medical Air Systems Firmware
9.1
CVSSv3
CVE-2022-2757
Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.
Kingspan Tms300 Cs Firmware
9.4
CVSSv3
CVE-2017-14000
An Improper Authentication issue exists in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.
Ctekproducts Skyrouter Z4200 Firmware
Ctekproducts Skyrouter Z4400 Firmware
7.5
CVSSv3
CVE-2017-15696
When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration data and previously deployed...
Apache Geode
7.8
CVSSv3
CVE-2017-8259
In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.
Google Android -
6.1
CVSSv3
CVE-2023-4476
The Locatoraid Store Locator WordPress plugin prior to 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Plainware Locatoraid
7.8
CVSSv3
CVE-2017-11032
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator_send_msg().
Google Android -
NA
CVE-2011-0946
The NAT implementation in Cisco IOS 12.1 up to and including 12.4 and 15.0 up to and including 15.1, and IOS XE 3.1.xSG, allows remote malicious users to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDA...
Cisco Ios Xe 3.1.0sg
Cisco Ios Xe 3.1.1sg
Cisco Ios
NA
CVE-2007-5538
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 prior to 5.1(3), and Unified CallManager 5.0, allows remote malicious users to execute arbitrary code or cause a denial of service via unspecified...
Cisco Unified Callmanager 5.0
Cisco Unified Communications Manager
NA
CVE-2008-3007
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote malicious users to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Lo...
Microsoft Office Onenote 2007
Microsoft Office 2003
Microsoft Office Xp
Microsoft Office 2007
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »