Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storm vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2010-3127
Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other...
Adobe Photoshop 12.0
Adobe Photoshop 10.0
Adobe Photoshop 11.0
Adobe Photoshop 9.0
Adobe Photoshop 9.0.1
Adobe Photoshop 9.0.2
1 EDB exploit
935
VMScore
CVE-2009-2617
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote malicious users to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
Baofeng Storm 3.9.62
1 EDB exploit
935
VMScore
CVE-2009-1807
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and previous versions allows remote malicious users to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.
Baofeng Storm 2.7.9 8
Baofeng Storm 2.8
Baofeng Storm 2.9
Baofeng Storm
Baofeng Storm 2.7.9 10
1 EDB exploit
935
VMScore
CVE-2007-4939
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and previous versions, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote malicious users to cause a denial of service (application ...
Mympc Cd-storm 1.0.0.1
Verycd Stormplayer 1.0.4
Guliverkli Media Player Classic
1 EDB exploit
890
VMScore
CVE-2020-29580
The official storm Docker images prior to 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access with a blank password.
Docker Storm Docker Image
890
VMScore
CVE-2019-12776
An issue exists on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardc...
Enttec Datagate Mk2 Firmware 70044
Enttec Storm 24 Firmware 70044
Enttec Pixelator Firmware 70044
Enttec E-streamer Mk2 Firmware 70044
890
VMScore
CVE-2015-3188
The UI daemon in Apache Storm 0.10.0 prior to 0.10.0-beta1 allows remote malicious users to execute arbitrary code via unspecified vectors.
Apache Storm 0.10.0
890
VMScore
CVE-2012-2974
The web interface on the SMC SMC8024L2 switch allows remote malicious users to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) sec...
Smc Smc8024l2 Switch
890
VMScore
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
828
VMScore
CVE-2007-4940
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and previous versions, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote malicious users to cause a denial of service (application crash) or possibl...
Guliverkli Media Player Classic
Mympc Cd-storm 1.0.0.1
Verycd Stormplayer 1.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »