Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sinn3r vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote malicious users to upload and execute arbitrary files via the ConnectionId parameter.
Manageengine Desktop Central 9.0
1 EDB exploit
3 Github repositories
NA
CVE-2010-3275
libdirectx_plugin.dll in VideoLAN VLC Media Player prior to 1.1.8 allows remote malicious users to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
Videolan Vlc Media Player 0.4.1
Videolan Vlc Media Player 0.2.83
Videolan Vlc Media Player 0.2.82
Videolan Vlc Media Player 0.2.63
Videolan Vlc Media Player 0.2.70
Videolan Vlc Media Player 0.4.3
Videolan Vlc Media Player 0.4.2
Videolan Vlc Media Player 0.2.62
Videolan Vlc Media Player 0.2.61
Videolan Vlc Media Player 0.5.3
Videolan Vlc Media Player 0.7.0
Videolan Vlc Media Player 0.6.2
Videolan Vlc Media Player 0.8.6
Videolan Vlc Media Player 0.9.10
Videolan Vlc Media Player 0.9.9
Videolan Vlc Media Player 1.0.0
Videolan Vlc Media Player 1.1.3
Videolan Vlc Media Player 1.0.5
Videolan Vlc Media Player 0.3.0
Videolan Vlc Media Player 0.2.92
Videolan Vlc Media Player 0.2.73
Videolan Vlc Media Player 0.5.1
1 EDB exploit
NA
CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote malicious users to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of ...
Microsoft Internet Explorer 11
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
1 EDB exploit
6 Github repositories
8 Articles
NA
CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote malicious users to execute arbitrary code via a crafted TIFF image, as demonst...
Microsoft Office 2010
Microsoft Office 2007
Microsoft Office 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Lync Basic 2013
1 EDB exploit
2 Github repositories
5 Articles
NA
CVE-2009-4179
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote malicious users to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
Hp Openview Network Node Manager 7.51
Hp Openview Network Node Manager 7.0.1
Hp Openview Network Node Manager 7.53
2 EDB exploits
8.8
CVSSv3
CVE-2011-0611
Adobe Flash Player prior to 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and previous versions on Android; Adobe AIR prior to 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x prior to 9.4.4 and 10.x up to and including 10.0.1 on Win...
Adobe Flash Player
Adobe Acrobat Reader
Adobe Adobe Air
Adobe Acrobat
Google Chrome
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.4
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
2 EDB exploits
3 Github repositories
4 Articles
NA
CVE-2012-0779
Adobe Flash Player prior to 10.3.183.19 and 11.x prior to 11.2.202.235 on Windows, Mac OS X, and Linux; prior to 11.1.111.9 on Android 2.x and 3.x; and prior to 11.1.115.8 on Android 4.x allows remote malicious users to execute arbitrary code via a crafted file, related to an &qu...
Adobe Flash Player
1 EDB exploit
1 Github repository
8.1
CVSSv3
CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet i...
Apache Tomcat
Apache Tomcat 9.0.0
1 EDB exploit
8 Github repositories
9.8
CVSSv3
CVE-2019-5420
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an malicious user to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a re...
Rubyonrails Rails
Rubyonrails Rails 6.0.0
Debian Debian Linux 8.0
Fedoraproject Fedora 30
1 EDB exploit
17 Github repositories
NA
CVE-2011-2462
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and previous versions on Windows and Mac OS X, and Adobe Reader 9.x up to and including 9.4.6 on UNIX, allows remote malicious users to execute arbitrary code or cause a denial of service (memory co...
Adobe Acrobat Reader 10.0.1
Adobe Acrobat Reader 10.0
Adobe Acrobat Reader 9.1.3
Adobe Acrobat Reader 9.0
Adobe Acrobat Reader 9.3.0
Adobe Acrobat Reader 9.3.2
Adobe Acrobat Reader 8.1
Adobe Acrobat Reader 8.1.7
Adobe Acrobat Reader 7.0.7
Adobe Acrobat Reader 7.1.0
Adobe Acrobat Reader 7.0.1
Adobe Acrobat Reader 7.0
Adobe Acrobat Reader 5.1
Adobe Acrobat Reader 5.0.9
Adobe Acrobat Reader 5.0.7
Adobe Acrobat Reader 4.5
Adobe Acrobat Reader 4.0
Adobe Acrobat Reader 9.1.2
Adobe Acrobat Reader 9.2
Adobe Acrobat Reader 9
Adobe Acrobat Reader 9.3
Adobe Acrobat Reader 9.3.4
1 EDB exploit
4 Github repositories
3 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »