Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metasploit.com vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote malicious users to upload and execute arbitrary files via the ConnectionId parameter.
Manageengine Desktop Central 9.0
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
8
CVSSv3
CVE-2023-0872
The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable to elevation of privilege. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Me...
Opennms Horizon
Opennms Meridian
5.5
CVSSv3
CVE-2022-3113
An issue exists in the Linux kernel up to and including 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.
Linux Linux Kernel 5.16.0
Linux Linux Kernel
9.8
CVSSv3
CVE-2020-5847
Unraid up to and including 6.8.0 allows Remote Code Execution.
Unraid Unraid
1 Github repository
7.5
CVSSv3
CVE-2020-5849
Unraid 6.8.0 allows authentication bypass.
Unraid Unraid 6.8.0
1 Github repository
NA
CVE-2011-0609
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and previous versions on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and previous versions on Android; Adobe AIR 2.5.1 and previous versions; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9...
Adobe Flash Player 10.1.92.10
Adobe Flash Player 10.0.15.3
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.246.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 8.0.22.0
Adobe Flash Player 10.1.95.1
Adobe Flash Player 10.0.12.10
Adobe Flash Player 10.0.0.584
Adobe Flash Player 9.0.16
Adobe Flash Player 9.0.125.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 10.0.22.87
Adobe Flash Player 9.0
Adobe Flash Player 9.0.155.0
Adobe Flash Player 7.0.25
Adobe Flash Player 7.0.63
Adobe Flash Player 9.0.20
Adobe Flash Player 7.0.24.0
1 EDB exploit
6 Articles
8.8
CVSSv3
CVE-2023-30625
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server before 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions ...
Rudderstack Rudder-server
NA
CVE-2010-3189
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote malicious users to execute arbitrary code via an invalid address that is dereferenced as a pointer.
Trendmicro Internet Security 2010
1 EDB exploit
8.8
CVSSv3
CVE-2021-20039
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated malicious user to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410...
Sonicwall Sma 200 Firmware 9.0.0.11-31sv
Sonicwall Sma 200 Firmware 10.2.0.8-37sv
Sonicwall Sma 200 Firmware 10.2.1.1-19sv
Sonicwall Sma 210 Firmware 9.0.0.11-31sv
Sonicwall Sma 210 Firmware 10.2.0.8-37sv
Sonicwall Sma 210 Firmware 10.2.1.1-19sv
Sonicwall Sma 410 Firmware 9.0.0.11-31sv
Sonicwall Sma 410 Firmware 10.2.0.8-37sv
Sonicwall Sma 410 Firmware 10.2.1.1-19sv
Sonicwall Sma 400 Firmware 9.0.0.11-31sv
Sonicwall Sma 400 Firmware 10.2.0.8-37sv
Sonicwall Sma 400 Firmware 10.2.1.1-19sv
Sonicwall Sma 500v Firmware 9.0.0.11-31sv
Sonicwall Sma 500v Firmware 10.2.0.8-37sv
Sonicwall Sma 500v Firmware 10.2.1.1-19sv
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »