Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow malicious users to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue ...
Arista Dcs-7050qx-32s-r Firmware 4.20.9m
Arista Dcs-7050cx3-32s-r Firmware 4.20.11m
Arista Dcs-7280sram-48c6-r Firmware 4.22.0.1f
9.3
CVSSv2
CVE-2010-3189
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote malicious users to execute arbitrary code via an invalid address that is dereferenced as a pointer.
Trendmicro Internet Security 2010
1 EDB exploit
9
CVSSv2
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
NA
CVE-2016-582384
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to pre...
1 Article
9.3
CVSSv2
CVE-2008-5499
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and previous versions, allows remote malicious users to execute arbitrary code via a crafted SWF file.
Adobe Flash Player For Linux 10.0.12.36
Adobe Flash Player For Linux 9.0.124.0
Adobe Flash Player For Linux 9.0.115.0
Adobe Flash Player For Linux
Adobe Flash Player For Linux 9.0.48.0
Adobe Flash Player For Linux 9.0.31
1 EDB exploit
10
CVSSv2
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote malicious users to upload and execute arbitrary files via the ConnectionId parameter.
Manageengine Desktop Central 9.0
1 EDB exploit
2 Github repositories
9.3
CVSSv2
CVE-2010-3275
libdirectx_plugin.dll in VideoLAN VLC Media Player prior to 1.1.8 allows remote malicious users to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
Videolan Vlc Media Player 0.4.1
Videolan Vlc Media Player 0.2.83
Videolan Vlc Media Player 0.2.82
Videolan Vlc Media Player 0.2.63
Videolan Vlc Media Player 0.2.70
Videolan Vlc Media Player 0.4.3
Videolan Vlc Media Player 0.4.2
Videolan Vlc Media Player 0.2.62
Videolan Vlc Media Player 0.2.61
Videolan Vlc Media Player 0.5.3
Videolan Vlc Media Player 0.7.0
Videolan Vlc Media Player 0.6.2
Videolan Vlc Media Player 0.8.6
Videolan Vlc Media Player 0.9.10
Videolan Vlc Media Player 0.9.9
Videolan Vlc Media Player 1.0.0
Videolan Vlc Media Player 1.1.3
Videolan Vlc Media Player 1.0.5
Videolan Vlc Media Player 0.3.0
Videolan Vlc Media Player 0.2.92
Videolan Vlc Media Player 0.2.73
Videolan Vlc Media Player 0.5.1
1 EDB exploit
5
CVSSv2
CVE-2018-8065
An issue exists in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs.
Flexense Syncbreeze 10.6.24
7.5
CVSSv2
CVE-2014-8636
The XrayWrapper implementation in Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via unspecified v...
Mozilla Firefox
Mozilla Seamonkey
1 EDB exploit
9.3
CVSSv2
CVE-2017-3823
An issue exists in the Cisco WebEx Extension prior to 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container prior to 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin prior to 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX ...
Cisco Activetouch General Plugin Container 105
Cisco Webex
Cisco Download Manager 2.1.0.9
Cisco Gpccontainer Class
Cisco Webex Meetings Server 2.0 Mr7
Cisco Webex Meetings Server 2.0 Mr8
Cisco Webex Meetings Server 2.5 Mr1
Cisco Webex Meetings Server 2.5 Mr2
Cisco Webex Meetings Server 2.5 Mr6
Cisco Webex Meetings Server 2.6 Mr3
Cisco Webex Meetings Server 2.7 Base
Cisco Webex Meetings Server 2.0 Base
Cisco Webex Meetings Server 2.0 Mr2
Cisco Webex Meetings Server 2.0 Mr9
Cisco Webex Meetings Server 2.5 Mr3
Cisco Webex Meetings Server 2.6 Base
Cisco Webex Meetings Server 2.6 Mr1
Cisco Webex Meetings Server 2.7 Mr1
Cisco Webex Meetings Server 2.0 Mr5
Cisco Webex Meetings Server 2.0 Mr6
Cisco Webex Meetings Server 2.5 Base
Cisco Webex Meetings Server 2.5 Mr5
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »