Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Novell Filr
1 EDB exploit
7.5
CVSSv3
CVE-2021-34593
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be block...
Codesys Plcwinnt
Codesys Runtime Toolkit
7.5
CVSSv3
CVE-2021-39245
Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0,...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
7.5
CVSSv3
CVE-2021-27224
The WPG plugin prior to 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote malicious users to execute arbitrary code.
Irfanview Wpg
7.5
CVSSv3
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to bypass a global authorization check for anonymous users by manipulating request paths.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.5
CVSSv3
CVE-2020-8464
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.5
CVSSv3
CVE-2020-27180
konzept-ix publiXone prior to 2020.015 allows malicious users to download files by iterating over the IXCopy fileID parameter.
Konzept-ix Publixone
7.5
CVSSv3
CVE-2020-15592
SteelCentral Aternity Agent prior to 11.0.0.120 on Windows allows Privilege Escalation via a crafted file. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among ...
Riverbed Steelcentral Aternity Agent
7.5
CVSSv3
CVE-2020-9435
PHOENIX CONTACT TC ROUTER 3002T-4G up to and including 2.05.3, TC ROUTER 2002T-3G up to and including 2.05.3, TC ROUTER 3002T-4G VZW up to and including 2.05.3, TC ROUTER 3002T-4G ATT up to and including 2.05.3, TC CLOUD CLIENT 1002-4G up to and including 2.03.17, and TC CLOUD CL...
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 2002t-3g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-txtx Firmware
7.5
CVSSv3
CVE-2019-9153
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
Openpgpjs Openpgpjs
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »