Vulmon
sub vulnerabilities and exploits
7.7
CVSSv3
CVE-2022-46171
Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wild...
Tauri Tauri 2.0.0
Tauri Tauri
7.8
CVSSv3
CVE-2020-6112
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stri...
Gonitro Nitro Pro 13.16.2.300
Gonitro Nitro Pro 13.13.2.242
7
CVSSv3
CVE-2018-1141
When installing Nessus to a directory outside of the default location, Nessus versions before 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.
Tenable Nessus
NA
CVE-2024-3746
The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow users, including unprivileged users, to write or overwrite files.
NA
CVE-2007-3012
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote malicious users to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated...
Fujitsu Primergy Bx300
4.3
CVSSv3
CVE-2019-18461
An issue exists in GitLab Community and Enterprise Edition 11.3 up to and including 12.3 when a sub group epic is added to a public group. It has Incorrect Access Control.
Gitlab Gitlab
NA
CVE-2001-0706
Maxum Rumpus FTP Server 2.0.3 dev and before allows a malicious user to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 1.3.5
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
Maxum Development Corporation Rumpus Ftp Server 1.3.2
1 EDB exploit
5.5
CVSSv3
CVE-2023-2162
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
Linux Linux Kernel
Linux Linux Kernel 6.2
7.5
CVSSv3
CVE-2023-31461
Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to create a sub-application that will be executed automatically from a controlled location, because of a path traversal vulnerability.
Steelseries Gg 36.0.0
7.5
CVSSv3
CVE-2018-12511
In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily.
Substratum Substratum -