Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-0461
A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote malicious user to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the software running on an affected device insufficiently valid...
Cisco Ip Phone 8800 Series Firmware 12.5\\(1\\)
445
VMScore
CVE-2019-9154
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to pass off unsigned data as signed.
Openpgpjs Openpgpjs
445
VMScore
CVE-2019-9153
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an malicious user to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
Openpgpjs Openpgpjs
1 Github repository
445
VMScore
CVE-2020-27180
konzept-ix publiXone prior to 2020.015 allows malicious users to download files by iterating over the IXCopy fileID parameter.
Konzept-ix Publixone
383
VMScore
CVE-2020-27182
Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone prior to 2020.015 allow remote malicious users to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.
Konzept-ix Publixone
383
VMScore
CVE-2019-9155
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
Openpgpjs Openpgpjs
668
VMScore
CVE-2020-27179
konzept-ix publiXone prior to 2020.015 allows malicious users to take over arbitrary user accounts by crafting password-reset tokens.
Konzept-ix Publixone
570
VMScore
CVE-2020-27181
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone prior to 2020.015 allows malicious users to craft password-reset tokens or decrypt server-side configuration files.
Konzept-ix Publixone
668
VMScore
CVE-2020-27183
A RemoteFunctions endpoint with missing access control in konzept-ix publiXone prior to 2020.015 allows malicious users to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.
Konzept-ix Publixone
445
VMScore
CVE-2021-27224
The WPG plugin prior to 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote malicious users to execute arbitrary code.
Irfanview Wpg
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »