Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ryan delaney vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2019-95551
Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.
NA
CVE-2019-127731
Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site w...
6.1
CVSSv3
CVE-2019-12783
An issue exists in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by malicious users to "crowdsource" bruteforce login att...
Verint Impact 360 15.1
NA
CVE-2019-127831
Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.
8.8
CVSSv3
CVE-2019-12784
An issue exists in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by malicious users to "crowdsource" bruteforce login attempts on the target site, allowin...
Verint Impact 360 15.1
NA
CVE-2020-240341
Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values in...
NA
CVE-2019-127841
Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.
NA
CVE-2018-192901
Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started