Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2012-0391
The ExceptionDelegator component in Apache Struts prior to 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote malicious users to execute arbitrary Java code via a crafted parameter...
Apache Struts
2 EDB exploits
935
VMScore
CVE-2013-2642
Sophos Web Appliance prior to 3.7.8.2 allows (1) remote malicious users to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execut...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
935
VMScore
CVE-2007-6273
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote malicious users to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connect...
Sonicwall Global Vpn Client 3.1.556
Sonicwall Global Vpn Client 4.0.0.810
1 EDB exploit
915
VMScore
CVE-2008-5416
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and previous versions; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows I...
Microsoft Sql Server 2000
Microsoft Sql Server 2005
3 EDB exploits
1 Github repository
905
VMScore
CVE-2016-1608
vaconfig/time in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
Novell Filr
1 EDB exploit
890
VMScore
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
890
VMScore
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
Trendmicro Interscan Web Security Virtual Appliance 6.5
890
VMScore
CVE-2020-16204
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an malicious user to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
890
VMScore
CVE-2020-11956
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a least privilege violation.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
890
VMScore
CVE-2020-11951
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a Backdoor root account.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »