Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
v9 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-14224
A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the Notes application or inject code into the system which...
Hcltech Notes 9.0
Hcltech Notes 9.0.1
9.8
CVSSv3
CVE-2018-13862
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allow unauthorized remote malicious users to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=...
Trivum Webtouch Setup V9 Firmware 2.53
1 EDB exploit
9.8
CVSSv3
CVE-2018-13861
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allows unauthorized remote malicious users to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example.
Trivum Webtouch Setup V9 Firmware 2.53
9.8
CVSSv3
CVE-2017-12478
It exists that the api/storage web interface in Unitrends Backup (UB) prior to 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the targ...
Kaseya Unitrends Backup
3 EDB exploits
9.8
CVSSv3
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
8.8
CVSSv3
CVE-2022-46610
72crm v9 exists to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows malicious users to execute arbitrary code via a crafted PHP file.
72crm Wukong Crm 9.0
8.8
CVSSv3
CVE-2021-22954
A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an malicious user to make requests on behalf of other users.
Concretecms Concrete Cms
1 Github repository
8.8
CVSSv3
CVE-2021-31894
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and previous versions (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version...
Siemens Simatic Pcs 7 Firmware
Siemens Simatic Pcs 7 Firmware 9.0
Siemens Simatic Pdm Firmware -
Siemens Simatic Step 7 Firmware
Siemens Sinamics Starter Firmware
Siemens Sinamics Starter Firmware 5.4
8.8
CVSSv3
CVE-2020-14231
A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the malicious user to crash the program or inject code into the system which woul...
Hcltechsw Hcl Client Application Access 9.0
8.8
CVSSv3
CVE-2020-14232
A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the malicious user to crash the program or inject code into the system which would execute with the p...
Hcltech Notes 9.0
Hcltech Notes 9.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »