Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
system recovery vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-40760
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Hotel Booking System 4.0
7.5
CVSSv3
CVE-2023-36135
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Class Scheduling System 1.0
9.8
CVSSv3
CVE-2023-3346
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated malicious user to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted ...
Mitsubishielectric C80 Firmware -
Mitsubishielectric E70 Firmware -
Mitsubishielectric E80 Firmware -
Mitsubishielectric M70v Firmware -
Mitsubishielectric M720vs Firmware -
Mitsubishielectric M720vs 15-type Firmware -
Mitsubishielectric M720vw Firmware -
Mitsubishielectric M730vs Firmware -
Mitsubishielectric M730vs 15-type Firmware -
Mitsubishielectric M730vw Firmware -
Mitsubishielectric M750vs Firmware -
Mitsubishielectric M750vs 15-type Firmware -
Mitsubishielectric M750vw Firmware -
Mitsubishielectric M80 Firmware -
Mitsubishielectric M800s Firmware -
Mitsubishielectric M800vs Firmware -
Mitsubishielectric M800vw Firmware -
Mitsubishielectric M800w Firmware -
Mitsubishielectric M80v Firmware -
Mitsubishielectric M80vw Firmware -
Mitsubishielectric M80w Firmware -
8.8
CVSSv3
CVE-2023-32465
Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker....
Dell Powerprotect Cyber Recovery
7.8
CVSSv3
CVE-2023-28066
Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability in order to elevate privileges on the system.
Dell Os Recovery Tool 2.3.7012.0
Dell Os Recovery Tool 2.2.4013
9.8
CVSSv3
CVE-2023-3007
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argument sid leads to weak pas...
Student Management System Project Student Management System 1.0
8.1
CVSSv3
CVE-2023-1424
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated malicious user to cause a denial of service (DoS) co...
Mitsubishielectric Melsec Iq-fx5u-32mr\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mr\\/dss Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mr\\/es Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mr\\/ess Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mt\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mt\\/dss Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mt\\/es Firmware -
Mitsubishielectric Melsec Iq-fx5u-32mt\\/ess Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mr\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mr\\/dss Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mr\\/es Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mr\\/ess Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mt\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mt\\/dss Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mt\\/es Firmware -
Mitsubishielectric Melsec Iq-fx5u-64mt\\/ess Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mr\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mr\\/dss Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mr\\/es Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mr\\/ess Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mt\\/ds Firmware -
Mitsubishielectric Melsec Iq-fx5u-80mt\\/dss Firmware -
6.5
CVSSv3
CVE-2023-28484
In libxml2 prior to 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
Xmlsoft Libxml2
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2023-29469
An issue exists in libxml2 prior to 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an...
Xmlsoft Libxml2
Debian Debian Linux 10.0
1 Github repository
6.8
CVSSv3
CVE-2023-28972
An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an malicious user to bypass console access controls. When "set system ports console insecure" is enabled, root login is disallowed for J...
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.2
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »