Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sf vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2019-1913
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote malicious user to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operatin...
Cisco Sf-220-24 Firmware
Cisco Sf220-24p Firmware
Cisco Sf220-48 Firmware
Cisco Sf220-48p Firmware
Cisco Sg220-26 Firmware
Cisco Sg220-26p Firmware
Cisco Sg220-28 Firmware
Cisco Sg220-28mp Firmware
Cisco Sg220-50 Firmware
Cisco Sg220-50p Firmware
Cisco Sg220-52 Firmware
1 EDB exploit
1 Article
1000
VMScore
CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Manag...
Cisco Ios
Cisco Ios Xe
2 EDB exploits
6 Github repositories
2 Articles
1000
VMScore
CVE-2008-5353
The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and previous versions; JDK and JRE 5.0 Update 16 and previous versions; and SDK and JRE 1.4.2_18 and previous versions does not properly enforce context of ZoneInfo objects during deserialization, which allows rem...
Sun Jdk 6
Sun Jre 6
Sun Jre 5.0
Sun Jre
Sun Jdk 5.0
Sun Sdk
Sun Sdk 1.4.2 14
Sun Jre 1.4.2 13
Sun Sdk 1.4.2 10
Sun Jre 1.4.2 9
Sun Sdk 1.4.2 6
Sun Jre 1.4.2 5
Sun Jre 1.4.2 1
Sun Sdk 1.4.2 1
Sun Jre 1.4.2 16
Sun Sdk 1.4.2 16
Sun Sdk 1.4.2 12
Sun Jre 1.4.2 11
Sun Sdk 1.4.2 8
Sun Jre 1.4.2 7
Sun Sdk 1.4.2 4
Sun Jre 1.4.2 3
4 EDB exploits
2 Github repositories
3 Articles
905
VMScore
CVE-2019-1914
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker cou...
Cisco Sf-220-24 Firmware
Cisco Sf220-24p Firmware
Cisco Sf220-48 Firmware
Cisco Sf220-48p Firmware
Cisco Sg220-26 Firmware
Cisco Sg220-26p Firmware
Cisco Sg220-28 Firmware
Cisco Sg220-28mp Firmware
Cisco Sg220-50 Firmware
Cisco Sg220-50p Firmware
Cisco Sg220-52 Firmware
1 EDB exploit
890
VMScore
CVE-2021-27198
An issue exists in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows install...
Visualware Myconnection Server
890
VMScore
CVE-2009-3027
VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA up to and including 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA up to and including 6.6; Veritas Storage Foundation (SF) 3.5; V...
Symantec Veritas Backup Exec 11d
Symantec Veritas Backup Exec 12.0
Symantec Veritas Storage Foundation For Sybase 5.0
Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0
Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.1
Symantec Veritas Storage Foundation For Windows High Availability 4.3mp2
Symantec Veritas Netbackup Operations Manager 6.5.5
Symantec Veritas Netbackup Reporter 6.0 Ga
Symantec Veritas Storage Foundation For Windows High Availability 5.1
Symantec Veritas Storage Foundation For Windows High Availability 5.0rp2
Symantec Veritas Storage Foundation For Db2 4.1
Symantec Veritas Storage Foundation Manager 1.1
Symantec Veritas Storage Foundation Manager 1.1.1ux
Symantec Veritas Cluster Server 4.1
Symantec Veritas Cluster Server One 2.0.2
Symantec Veritas Application Director 1.1
Symantec Veritas Storage Foundation Cluster File System 5.0
Symantec Veritas Storage Foundation Cluster File System 4.1
Symantec Veritas Storage Foundation Cluster File System 4.0
Symantec Veritas Command Central Enterprise Reporter 5.0mp1
Symantec Veritas Command Central Enterprise Reporter 5.0mp1rp1
Symantec Veritas Netbackup Reporter 6.6
831
VMScore
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
120 Github repositories
801
VMScore
CVE-2015-3974
EasyIO EasyIO-30P-SF controllers with firmware prior to 0.5.21 and 2.x prior to 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls, SyxthSENSE, Transformative Wave Technologies, Tridium Asia Pacific, and Tridium Europe...
Easyio Easyio-30p-sf Firmware
Easyio Easyio-30p-sf
792
VMScore
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
91 Github repositories
766
VMScore
CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2008 -
1 EDB exploit
1 Metasploit module
2 Github repositories
5 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »