Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-36787
The femanager extension prior to 5.5.1 and 6.x prior to 6.3.1 for TYPO3 allows XSS via a crafted SVG document.
In2code Femanager
NA
CVE-2015-2655
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Database Server
NA
CVE-2015-3035
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302,...
Tp-link Tl-wr841n \\(9.0\\) Firmware
Tp-link Tl-wr740n \\(5.0\\) Firmware
Tp-link Archer C5 \\(1.2\\) Firmware
Tp-link Tl-wr841n \\(10.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\) Firmware
Tp-link Tl-wr741nd \\(5.0\\)
Tp-link Tl-wdr3600 \\(1.0\\) Firmware
Tp-link Archer C7 \\(2.0\\) Firmware
Tp-link Tl-wr841nd \\(10.0\\) Firmware 150104
Tp-link Archer C9 \\(1.0\\) Firmware
Tp-link Tl-wr841nd \\(9.0\\) Firmware
Tp-link Archer C8 \\(1.0\\) Firmware
Tp-link Tl-wdr4300 \\(1.0\\) Firmware
Tp-link Tl-wdr3500 \\(1.0\\) Firmware
7.5
CVSSv3
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to bypass a global authorization check for anonymous users by manipulating request paths.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9.8
CVSSv3
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
7.2
CVSSv3
CVE-2021-22708
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
4.9
CVSSv3
CVE-2022-23409
The Logs plugin prior to 3.0.4 for Craft CMS allows remote malicious users to read arbitrary files via input to actionStream in Controller.php.
Ethercreative Logs
6.1
CVSSv3
CVE-2019-6504
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow malicious users to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.
Broadcom Automic Workload Automation
9.8
CVSSv3
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
NA
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »