Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
r vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-25163
Improper Input Validation vulnerability in Mitsubishi Electric MELSEC-Q Series QJ71E71-100 first 5 digits of serial number "24061" or prior, Mitsubishi Electric MELSEC-L series LJ71E71-100 first 5 digits of serial number "24061" or prior and Mitsubishi Electri...
Mitsubishi Melsec Iq-r Rd81mes96n Firmware
Mitsubishi Melsec Qj71e71-100 Firmware
Mitsubishi Melsec Lj71e71-100 Firmware
10
CVSSv2
CVE-2022-29539
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by t...
Resi Gemini-net 4.2
10
CVSSv2
CVE-2022-23812
This affects the package node-ipc from 10.1.1 and prior to 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious cod...
Node-ipc Project Node-ipc
3 Github repositories
10
CVSSv2
CVE-2021-4045
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an malicious user to take full control of the camera.
Tp-link Tapo C200 Firmware
15 Github repositories
10
CVSSv2
CVE-2021-21805
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
Advantech R-seenet 2.4.12
10
CVSSv2
CVE-2020-27637
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interprete...
R-project Cran
10
CVSSv2
CVE-2019-19875
An issue exists in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands could be injected (using Python scripts) via the AprolCluster script that is invoked via sudo and thus executes with root privileges, a different vulnerability than CVE-2019-16364.
Br-automation Industrial Automation Aprol
10
CVSSv2
CVE-2020-6985
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
Moxa Pt-7528-24tx-hv Firmware
Moxa Pt-7528-24tx-hv-hv Firmware
Moxa Pt-7528-24tx-wv Firmware
Moxa Pt-7528-24tx-wv-hv Firmware
Moxa Pt-7528-24tx-wv-wv Firmware
Moxa Pt-7528-12msc-12tx-4gsfp-hv Firmware
Moxa Pt-7528-12msc-12tx-4gsfp-hv-hv Firmware
Moxa Pt-7528-12msc-12tx-4gsfp-wv Firmware
Moxa Pt-7528-12msc-12tx-4gsfp-wv-wv Firmware
Moxa Pt-7528-12mst-12tx-4gsfp-hv Firmware
Moxa Pt-7528-12mst-12tx-4gsfp-hv-hv Firmware
Moxa Pt-7528-12mst-12tx-4gsfp-wv Firmware
Moxa Pt-7528-12mst-12tx-4gsfp-wv-wv Firmware
Moxa Pt-7528-16msc-8tx-4gsfp-hv Firmware
Moxa Pt-7528-16msc-8tx-4gsfp-hv-hv Firmware
Moxa Pt-7528-16msc-8tx-4gsfp-wv Firmware
Moxa Pt-7528-16msc-8tx-4gsfp-wv-wv Firmware
Moxa Pt-7528-16mst-8tx-4gsfp-hv Firmware
Moxa Pt-7528-16mst-8tx-4gsfp-hv-hv Firmware
Moxa Pt-7528-16mst-8tx-4gsfp-wv Firmware
Moxa Pt-7528-16mst-8tx-4gsfp-wv-wv Firmware
Moxa Pt-7528-20msc-4tx-4gsfp-hv Firmware
10
CVSSv2
CVE-2019-11210
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute ...
Tibco Spotfire Analytics Platform For Aws 10.4.0
Tibco Enterprise Runtime For R
Tibco Spotfire Analytics Platform For Aws 10.5.0
10
CVSSv2
CVE-2019-15027
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows malicious users to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/extern...
Mediatek Mt8163 Firmware -
Mediatek Mt6625 Firmware -
Mediatek Mt6577 Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »