Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redteam-pentesting.de vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow malicious users to influence the primary operations of...
Carel Pcoweb Firmware
4.9
CVSSv2
CVE-2020-26567
An issue exists on D-Link DSR-250N prior to 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes.
Dlink Dsr-250n Firmware
10
CVSSv2
CVE-2022-23178
An issue exists on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document wi...
Crestron Hd-md4x2-4k-e Firmware 1.0.0.2159
1 Github repository
4.3
CVSSv2
CVE-2019-19265
IceWarp WebMail Server 12.2.0 and 12.1.x prior to 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.
Icewarp Mail Server
4.3
CVSSv2
CVE-2014-8869
Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin 1.x prior to 1.1.2 for Woltlab Burning Board 4.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) app_android_id or (2)...
Tapatalk Tapatalk 1.0.1
Tapatalk Tapatalk 1.0.0
Tapatalk Tapatalk 1.1.1
Tapatalk Tapatalk 1.1.0
Tapatalk Tapatalk 1.0.2
5.8
CVSSv2
CVE-2014-8870
Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin prior to 1.1.2 for Woltlab Burning Board 4.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url pa...
Tapatalk Tapatalk 1.0.0
Tapatalk Tapatalk 1.1.1
Tapatalk Tapatalk 1.1.0
Tapatalk Tapatalk 1.0.2
Tapatalk Tapatalk 1.0.1
5
CVSSv2
CVE-2014-8871
Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and previous versions, 5.0.0.3 and previous versions, 5.0.4.4 and previous versions, 5.1.0.1 and previous versions, 5.1.1.2 and previous versions, 5.2.0.3 and previous versions, and 5.3.0.1 and previous v...
Sap Hybris
9.3
CVSSv2
CVE-2014-8872
Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50.
Avm Fritz\\!box 6810 Lte Firmware -
Avm Fritz\\!box 6840 Lte Firmware -
5
CVSSv2
CVE-2014-8874
The ke_questionnaire extension 2.5.2 and previous versions for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote malicious users to obtain sensitive information via a direct request.
Kennziffer Ke Questionnaire
9.3
CVSSv2
CVE-2014-8886
AVM FRITZ!OS prior to 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote malicious users to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image.
Avm Fritz\\! Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »