Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
toolbox vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
3.5
CVSSv2
CVE-2021-29661
Softing AG OPC Toolbox up to and including 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the...
Softing Opc Toolbox
7.5
CVSSv2
CVE-2018-16716
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.
Nih Ncbi Toolbox
4.3
CVSSv2
CVE-2018-16718
An XSS vulnerability exists in wwwblast.c in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument.
Nih Ncbi Toolbox
10
CVSSv2
CVE-2008-0550
Off-by-one error in Steamcast 0.9.75 and previous versions allows remote malicious users to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
Radio Toolbox Steamcast
1 EDB exploit
7.5
CVSSv2
CVE-2018-16717
A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox.
Nih Ncbi Toolbox
5
CVSSv2
CVE-2008-0548
Steamcast 0.9.75 and previous versions allows remote malicious users to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails.
Radio Toolbox Steamcast
5
CVSSv2
CVE-2008-0549
Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and previous versions allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag.
Radio Toolbox Steamcast
4
CVSSv2
CVE-2021-45106
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a circumventable access control within a database service. This could allow an malicious user to access the database.
Siemens Sicam Toolbox Ii -
NA
CVE-2022-39062
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation.
Siemens Sicam Toolbox Ii
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »