Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patrick vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-23916
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of a...
Haxx Curl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Clustered Data Ontap -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of includ...
Kardex Kardex Control Center 5.7.12\\+0-a203c2a213-master
2 Github repositories
6.1
CVSSv3
CVE-2022-28598
Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.
Frappe Erpnext 12.29.0
5.7
CVSSv3
CVE-2022-27774
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an malicious user to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exis...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire \\& Hci Storage Node -
Brocade Fabric Operating System -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
6.1
CVSSv3
CVE-2021-44829
Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS up to and including 2.1.0 via the the ID parameter.
Afi-solutions Webacms
6.1
CVSSv3
CVE-2020-14294
An issue exists in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
Secudos Qiata Fta
1 Github repository
7.5
CVSSv3
CVE-2020-14293
conf_datetime in Secudos DOMOS 5.8 allows remote malicious users to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
Secudos Domos
1 Github repository
9.8
CVSSv3
CVE-2020-15492
An issue exists in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated malicious user to...
Inneo Startup Tools
1 Github repository
9.8
CVSSv3
CVE-2020-9294
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and previous versions and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated malicious user to access the system as a legitimate user by requesting a password change via the user inter...
Fortinet Fortimail
Fortinet Fortivoice
1 Metasploit module
8.1
CVSSv3
CVE-2018-12455
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an malicious user to authenticate in the web interface just by using "admin:" as the name of a cookie.
Intelbras Nplug Firmware 1.0.0.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »