Vulmon
sk vulnerabilities and exploits
10
CVSSv2
CVE-2019-13553
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow malicious users to influence the primary operations of...
Carel Pcoweb Firmware
9.3
CVSSv2
CVE-2020-10255
Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access pa...
Micron Ddr4 Sdram -
Micron Lpddr4 -
Samsung Ddr4 -
Samsung Lpddr4 -
Skhynix Ddr4 Sdram -
Skhynix Lpddr4 -
7.9
CVSSv2
CVE-2021-42114
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow t...
Samsung Ddr4 Sdram Firmware -
Samsung Lddr4 Firmware -
Micron Lddr4 Firmware -
Micron Ddr4 Sdram Firmware -
Skhynix Ddr4 Sdram Firmware -
Skhynix Lddr4 Firmware -
1 Article
7.5
CVSSv2
CVE-2010-1019
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sk-typo3 Sk Simplegallery 0.0.1
Sk-typo3 Sk Simplegallery
7.5
CVSSv2
CVE-2006-7170
Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote malicious users to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php.
Koan Software Mega Mall
2 EDB exploits
7.2
CVSSv2
CVE-2019-1585
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local malicious user to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguratio...
Cisco Nx-os 8.3(0)sk(0.39)
Cisco Application Policy Infrastructure Controller Software
6.9
CVSSv2
CVE-2021-23133
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element ...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire & Hci Management Node -
Broadcom Brocade Fabric Operating System -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
6.8
CVSSv2
CVE-2019-1590
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to perform insecure TLS client authentication ...
Cisco Nx-os 14.1(0.90)
Cisco Nx-os 8.3(0)sk(0.39)
6.8
CVSSv2
CVE-2006-1661
Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) areaID parameter in area.View.action, (2) time parameter in planning.View.action, and (3) userID parameter in u...
Sk Soft Skforum
3 EDB exploits
5.4
CVSSv2
CVE-2014-7402
The SK encar (aka com.encardirect.app) application @7F050000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Encardirect Sk Encar @7f050000