Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2019-3956
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information.
Dameware Remote Mini Control
NA
CVE-2023-52252
Unified Remote 3.13.0 allows remote malicious users to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint.
Unifiedremote Unified Remote 3.13.0
312
VMScore
CVE-2020-17457
Fujitsu ServerView Suite iRMC prior to 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in the HTTP error response pages.
Fujitsu Serverview Remote Management
312
VMScore
CVE-2021-23922
An issue exists in Devolutions Remote Desktop Manager prior to 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.
Devolutions Remote Desktop Manager
NA
CVE-2022-3641
Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.
Devolutions Remote Desktop Manager
NA
CVE-2023-2587
Teltonika’s Remote Management System versions before 4.10.0 contain a cross-site scripting (XSS) vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an...
Teltonika Remote Management System
578
VMScore
CVE-2021-42098
An incomplete permission check on entries in Devolutions Remote Desktop Manager prior to 2021.2.16 allows malicious users to bypass permissions via batch custom PowerShell.
Devolutions Remote Desktop Manager
NA
CVE-2023-30904
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
Hpe Insight Remote Support
356
VMScore
CVE-2020-2239
Jenkins Parameterized Remote Trigger Plugin 3.1.3 and previous versions stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Jenkins Parameterized Remote Trigger
445
VMScore
CVE-2022-33995
A path traversal issue in entry attachments in Devolutions Remote Desktop Manager prior to 2022.2 allows malicious users to create or overwrite files in an arbitrary location.
Devolutions Remote Desktop Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »