Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote code vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-33480
RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by ...
Remoteclinic Remote Clinic 2.0
9.8
CVSSv3
CVE-2023-31069
An issue exists in TSplus Remote Access up to and including 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.
Tsplus Tsplus Remote Access
9.8
CVSSv3
CVE-2020-3331
A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. The vulnerability is due to improper validat...
Cisco Rv110w Wireless-n Vpn Firewall Firmware
Cisco Rv215w Wireless-n Vpn Router Firmware
1 Github repository
NA
CVE-2013-3249
Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExporter.exe) in DameWare Remote Support 10.0.0.372, 9.0.1.247, and previous versions allows user-assisted malicious users to execute arbitrary code via unspecified vectors.
Solarwinds Dameware Remote Support
9.8
CVSSv3
CVE-2023-27132
TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.
Tsplus Tsplus Remote Work
8.3
CVSSv3
CVE-2023-2587
Teltonika’s Remote Management System versions before 4.10.0 contain a cross-site scripting (XSS) vulnerability in the main page of the web interface. An attacker with the MAC address and serial number of a connected device could send a maliciously crafted JSON file with an...
Teltonika Remote Management System
8.8
CVSSv3
CVE-2023-2588
Teltonika’s Remote Management System versions before 4.10.0 have a feature allowing users to access managed devices’ local secure shell (SSH)/web management services over the cloud proxy. A user can request a web proxy and obtain a URL in the Remote Management System...
Teltonika Remote Management System
9.8
CVSSv3
CVE-2023-4760
In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method...
Eclipse Remote Application Platform
NA
CVE-2012-4057
Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote malicious users to execute arbitrary code via a crafted flm file.
Twd-industries Remote-anything 5.60.15
1 EDB exploit
7.8
CVSSv3
CVE-2020-9332
ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device.
Fabulatech Usb For Remote Desktop
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »