Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nassim asrir vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2018-6911
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote malicious users to execute arbitrary OS commands via a single argument (aka the command parameter).
Advantech Webaccess 8.3.0
1 EDB exploit
505
VMScore
CVE-2017-11165
dataTaker DT80 dEX 1.50.012 allows remote malicious users to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.
Datataker Dt80 Dex Firmware 1.50.012
1 EDB exploit
905
VMScore
CVE-2019-16701
pfSense up to and including 2.3.4 up to and including 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
Netgate Pfsense 2.4.4
Netgate Pfsense
1 EDB exploit
NA
CVE-2017-7874
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 EDB exploit
NA
CVE-2017-7319
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
383
VMScore
CVE-2017-18024
AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
Avantfax Avantfax 3.3.3
187
VMScore
CVE-2019-6192
A potential vulnerability has been reported in Lenovo Power Management Driver versions before 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
Lenovo Power Management Driver
605
VMScore
CVE-2020-14425
Foxit Reader prior to 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.
Foxitsoftware Foxit Reader
383
VMScore
CVE-2017-18023
Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI.
Officetracker Officetracker 11.2.5
383
VMScore
CVE-2017-12413
AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml.
Axis 2100 Network Camera Firmware 2.43
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »