Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-9285
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices prior to 3.0.0.4.384_10007; RT-N18U devices prior to 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices prior to 3.0.0.4.382.50010; and RT-AC5300 dev...
Asus Rt-ac66u Firmware
Asus Rt-ac68u Firmware
Asus Rt-ac86u Firmware
Asus Rt-ac88u Firmware
Asus Rt-ac1900 Firmware
Asus Rt-ac2900 Firmware
Asus Rt-ac3100 Firmware
Asus Rt-n18u Firmware
Asus Rt-ac87u Firmware
Asus Rt-ac3200 Firmware
Asus Rt-ac5300 Firmware
9.8
CVSSv3
CVE-2022-22831
An issue exists in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
Servisnet Tessa 0.0.2
9.8
CVSSv3
CVE-2022-22832
An issue exists in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
Servisnet Tessa 0.0.2
7.5
CVSSv3
CVE-2022-22833
An issue exists in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
Servisnet Tessa 0.0.2
NA
CVE-2008-0320
Heap-based buffer overflow in the OLE importer in OpenOffice.org prior to 2.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
Openoffice Openoffice.org 2.2
Openoffice Openoffice.org 2.2.1
Openoffice Openoffice.org 2.3
Openoffice Openoffice.org
Openoffice Openoffice.org 2.0.3
Openoffice Openoffice.org 2.1
1 EDB exploit
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
171 Github repositories
7 Articles
NA
CVE-2016-5641
This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json...
1 Article
9.8
CVSSv3
CVE-2023-28771
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 up to and including 4.73, VPN series firmware versions 4.60 up to and including 5.35, USG FLEX series firmware versions 4.60 up to and including 5.35, and ATP series firmware versions 4.60 up to and...
Zyxel Atp100 Firmware
Zyxel Atp100w Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp700 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 100 Firmware
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 50 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn50 Firmware
Zyxel Zywall Usg 310 Firmware
Zyxel Zywall Usg 310 Firmware 4.73
Zyxel Zywall Usg 100 Firmware
Zyxel Zywall Usg 100 Firmware 4.73
1 Github repository
1 Article
NA
CVE-2012-3993
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox prior to 16.0, Firefox ESR 10.x prior to 10.0.8, Thunderbird prior to 16.0, Thunderbird ESR 10.x prior to 10.0.8, and SeaMonkey prior to 2.13 does not properly interact with failures of InstallTrigger methods, whic...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.6
Mozilla Firefox Esr 10.0.7
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Thunderbird Esr 10.0.5
Mozilla Thunderbird Esr 10.0.6
Mozilla Thunderbird Esr 10.0.7
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
1 EDB exploit
7.8
CVSSv3
CVE-2018-4237
An issue exists in certain Apple products. iOS prior to 11.4 is affected. macOS prior to 10.13.5 is affected. tvOS prior to 11.4 is affected. watchOS prior to 4.3.1 is affected. The issue involves the "libxpc" component. It allows malicious users to gain privileges via ...
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Apple Tvos
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »