Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
static vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2018-16462
A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.
Apex-publish-static-files Project Apex-publish-static-files
10
CVSSv3
CVE-2018-0268
A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to bypass authentication and gain elevated privileges. This vulnerability is due to an insecure default configuration of ...
Cisco Digital Network Architecture Center
1 Article
10
CVSSv3
CVE-2018-0222
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undoc...
Cisco Digital Network Architecture Center
9.8
CVSSv3
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm).
Plone Plone Docker Official Image 5.2.13
9.8
CVSSv3
CVE-2023-20101
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote malicious user to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static ...
Cisco Emergency Responder 12.5\\(1\\)su4
1 Article
9.8
CVSSv3
CVE-2023-5074
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28
Dlink D-view 8 2.0.1.28
1 Github repository
9.8
CVSSv3
CVE-2023-34137
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versio...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-1457
A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X 2.0.9-hotfix.6. Affected is an unknown function of the component Static Routing Configuration Handler. The manipulation of the argument next-hop-interface leads to command injection. It is possi...
Ui Edgerouter X Firmware 2.0.9
9.8
CVSSv3
CVE-2022-40988
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigg...
Siretta Quartz-gold Firmware G5.0.1.5-210720-141020
9.8
CVSSv3
CVE-2022-41005
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigg...
Siretta Quartz-gold Firmware G5.0.1.5-210720-141020
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »