Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
shell vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4577
CVE-2024-4577: PHP CGI Argument Injection (XAMPP) 💀 Features ✨ Multi-threaded scanning Single URL or bulk URL checks from a file Interactive exploitation shell Installation 💻 Get started by cloning the repository and installing dependencies: git clone https://github.com/Chocapi...
12 Github repositories
NA
CVE-2024-1880
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. The vulnerability arises from the improper neutralization of special elements used in an OS command within the `_s...
NA
CVE-2024-1881
AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') due to a flaw in its shell command validation function. Specifically, the vulnerability exists in version...
NA
CVE-2024-36472
In GNOME Shell up to and including 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, whic...
NA
CVE-2023-52711
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory...
NA
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote malicious user to perform a reverse shell on the remote system, compromising the entire infrastructure.
NA
CVE-2024-22026
A local privilege escalation vulnerability in EPMM prior to 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.
Ivanti Endpoint Manager Mobile
1 Github repository
NA
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
NA
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
NA
CVE_2024_20356
CVE-2024-20356 This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC. Written by Aaron and Oxidised by Sherllyneo Full technical details can be found at https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-t...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code‎
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »