Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-16172
Improper countermeasure against clickjacking attack in client certificates management screen exists in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote malicious users to trick a user to delete the registered client certificate.
Cybozu Remote Service Manager
5.4
CVSSv3
CVE-2021-30039
Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php.
Remoteclinic Remote Clinic 2.0
9.8
CVSSv3
CVE-2023-27132
TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.
Tsplus Tsplus Remote Work
9.8
CVSSv3
CVE-2023-27133
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only abo...
Tsplus Tsplus Remote Work
NA
CVE-2015-2248
Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware prior to 7.5.1.0-38sv and 8.x prior to 8.0.0.1-16sv allows remote malicious users to hijack the authentication of users for requests that create ...
Sonicwall Remote Access Firmware
1 EDB exploit
10
CVSSv3
CVE-2023-45894
The Remote Application Server in Parallels RAS prior to 19.2.23975 does not segment virtualized applications from the server, which allows a remote malicious user to achieve remote code execution via standard kiosk breakout techniques.
Parallels Remote Application Server
NA
CVE-2013-3249
Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExporter.exe) in DameWare Remote Support 10.0.0.372, 9.0.1.247, and previous versions allows user-assisted malicious users to execute arbitrary code via unspecified vectors.
Solarwinds Dameware Remote Support
4.6
CVSSv3
CVE-2022-1342
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate malicious users to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disc...
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-1574
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the passw...
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-33479
RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file.
Remoteclinic Remote Clinic 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »