Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
toolbox vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2008-0549
Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and previous versions allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag.
Radio Toolbox Steamcast
1000
VMScore
CVE-2008-0550
Off-by-one error in Steamcast 0.9.75 and previous versions allows remote malicious users to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
Radio Toolbox Steamcast
1 EDB exploit
383
VMScore
CVE-2018-16718
An XSS vulnerability exists in wwwblast.c in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument.
Nih Ncbi Toolbox
668
VMScore
CVE-2018-16716
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.
Nih Ncbi Toolbox
668
VMScore
CVE-2018-16717
A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 up to and including 2.2.26 legacy versions of the NCBI ToolBox.
Nih Ncbi Toolbox
685
VMScore
CVE-2007-6139
PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote malicious users to execute arbitrary PHP code via a URL in the skin_file parameter.
Mp3 Toolbox 1.0 Beta 5
1 EDB exploit
312
VMScore
CVE-2021-29661
Softing AG OPC Toolbox up to and including 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the...
Softing Opc Toolbox
605
VMScore
CVE-2021-29660
A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox up to and including 4.10.1.13035 allows malicious users to reset the administrative password by inducing the Administrator user to browse a URL controlled by an attacker.
Softing Opc Toolbox
NA
CVE-2023-50823
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a up to and including 11.7.
Wipeoutmedia Css \\& Javascript Toolbox
NA
CVE-2023-38641
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local malicious user to execute operating system commands with elevated privileges.
Siemens Sicam Toolbox Ii
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »