Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spread vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2022-1739
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the m...
Dominionvoting Imagecast X
Dominionvoting Imagecast X 5.5.10.32
Dominionvoting Imagecast X 5.5.10.30
5
CVSSv2
CVE-2020-10269
One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. Credentials to such wireless Access Point default to well known and widely spread SSID (MiR_RXXXX) and pas...
Aliasrobotics Mir100 Firmware
Aliasrobotics Mir200 Firmware
Aliasrobotics Mir250 Firmware
Aliasrobotics Mir500 Firmware
Aliasrobotics Mir1000 Firmware
Mobile-industrial-robotics Er200 Firmware
Enabled-robotics Er-lite Firmware
Enabled-robotics Er-flex Firmware
Enabled-robotics Er-one Firmware
Uvd-robots Uvd Robots Firmware
4.3
CVSSv2
CVE-2020-26505
A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an malicious user to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. This would allow...
Marmind Marmind 4.1.141.0
5
CVSSv2
CVE-2022-2309
NULL Pointer Dereference allows malicious users to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 up to and including 2.9.14. libxml2 2.9.9 and previous versions are not affected. It allows triggering crashes thr...
Lxml Lxml
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5
CVSSv2
CVE-2020-10270
Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Credentials to such wireless interface default to well known and widely spread users (omitted) and p...
Aliasrobotics Mir100 Firmware
Aliasrobotics Mir200 Firmware
Aliasrobotics Mir250 Firmware
Aliasrobotics Mir500 Firmware
Aliasrobotics Mir1000 Firmware
Mobile-industrial-robotics Er200 Firmware
Enabled-robotics Er-lite Firmware
Enabled-robotics Er-flex Firmware
Enabled-robotics Er-one Firmware
Uvd-robots Uvd Robots Firmware
6.8
CVSSv2
CVE-2021-21353
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug templ...
Pugjs Pug
Pugjs Pug-code-gen
3.5
CVSSv2
CVE-2016-7168
Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress prior to 4.6.1 might allow remote malicious users to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a c...
Wordpress Wordpress
11 Github repositories
7.5
CVSSv2
CVE-2003-0284
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote malicious users to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.
Adobe Acrobat 5.0
2.6
CVSSv2
CVE-2005-1790
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and previous versions versions, allows remote malicious users to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched...
Microsoft Internet Explorer 6.0.2900.2180
Microsoft Internet Explorer 6.0.2800.1106
1 EDB exploit
10
CVSSv2
CVE-2011-3544
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and previous versions allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unkn...
Sun Jre 1.7.0
Sun Jdk 1.7.0
Sun Jre 1.6.0
Sun Jdk 1.6.0
Sun Jre
Sun Jdk
1 EDB exploit
1 Github repository
15 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »