Vulmon
tom vulnerabilities and exploits
NA
CVE-2014-5187
Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote malicious users to read arbitrary files via the file parameter to tom-download-file.php.
Tom M8te Plugin Project Tom-m8te Plugin 1.5.3
9.3
CVSSv3
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
NA
CVE-2012-5917
SnackAmp 3.1.3 allows remote malicious users to cause a denial of service (application crash) via a long string in an aiff file.
Tom Wilkason Snackamp 3.1.3
1 EDB exploit
NA
CVE-2011-2217
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly ha...
Tomsawyer Get Extension Factory 5.5.2.237
Vmware Virtual Infrastructure Client 2.0.2
Vmware Virtual Infrastructure Client 2.5
Vmware Infrastructure 3
1 EDB exploit
8.8
CVSSv3
CVE-2023-24007
Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <= 7.1.4 versions.
Admin Block Country Project Admin Block Country
8.8
CVSSv3
CVE-2023-44998
Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin <= 1.2.8 versions.
Randyhoyt Category Meta
7.5
CVSSv3
CVE-2023-41259
Best Practical Request Tracker (RT) prior to 4.4.7 and 5.x prior to 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
Bestpractical Request Tracker
7.5
CVSSv3
CVE-2023-41260
Best Practical Request Tracker (RT) prior to 4.4.7 and 5.x prior to 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.
Bestpractical Request Tracker
7.2
CVSSv3
CVE-2022-37967
Windows Kerberos Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Samba Samba
9 Github repositories
1 Article
8.1
CVSSv3
CVE-2022-37966
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Samba Samba
3 Github repositories
1 Article