Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paul taylor vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2017-7175
NfSen prior to 1.3.8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).
Nfsen Nfsen
1 EDB exploit
9.8
CVSSv3
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX up to and including 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Explo...
Telerik Ui For Asp.net Ajax
17 Github repositories
2 Articles
9.8
CVSSv3
CVE-2018-1235
Dell EMC RecoverPoint versions before 5.1.2 and RecoverPoint for VMs versions before 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root pr...
Emc Recoverpoint For Virtual Machines
Emc Recoverpoint
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
9.8
CVSSv3
CVE-2017-11357
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax
1 EDB exploit
4 Github repositories
9.8
CVSSv3
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Ui For Asp.net Ajax
Telerik Sitefinity Cms
1 EDB exploit
17 Github repositories
1 Article
9.8
CVSSv3
CVE-2015-9098
In Redgate SQL Monitor prior to 3.10 and 4.x prior to 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these ...
Red-gate Sql Monitor
Red-gate Sql Monitor 4.0
Red-gate Sql Monitor 4.1
1 EDB exploit
9.8
CVSSv3
CVE-2017-6972
AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
Alienvault Ossim
Alienvault Unified Security Management
Nfsen Nfsen
1 EDB exploit
8.8
CVSSv3
CVE-2017-6971
AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.
Alienvault Ossim
Alienvault Unified Security Management
Nfsen Nfsen
1 EDB exploit
1 Github repository
8.4
CVSSv3
CVE-2017-6970
AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
Alienvault Unified Security Management
Alienvault Ossim
Nfsen Nfsen
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »