Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w3bd3vil vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-3334
browser/ui/website_settings/website_settings.cc in Google Chrome prior to 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote ...
Google Chrome
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
383
VMScore
CVE-2015-3336
Google Chrome prior to 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote malicious users to cause a denial of service (UI disruption) by constructing a c...
Google Chrome
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
668
VMScore
CVE-2015-3333
Multiple unspecified vulnerabilities in Google V8 prior to 4.2.77.14, as used in Google Chrome prior to 42.0.2311.90, allow malicious users to cause a denial of service or possibly have other impact via unknown vectors.
Google V8
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Google Chrome
NA
CVE-2023-38950
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read arbitrary files via supplying a crafted payload.
Zkteco Biotime 8.5.5
NA
CVE-2023-38951
A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows malicious users to write arbitrary files via using a malicious SFTP configuration.
Zkteco Biotime 8.5.5
NA
CVE-2023-38952
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read sensitive backup files and access sensitive information such as user credentials via sending a crafted HTTP request to the static files resources of the system.
Zkteco Biotime 8.5.5
935
VMScore
CVE-2013-0640
Adobe Reader and Acrobat 9.x prior to 9.5.4, 10.x prior to 10.1.6, and 11.x prior to 11.0.02 allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.
Adobe Acrobat Reader 9.5.2
Adobe Acrobat Reader 9.1.3
Adobe Acrobat Reader 9.4.3
Adobe Acrobat Reader 9.1.1
Adobe Acrobat Reader 9.4.5
Adobe Acrobat Reader 9.3.2
Adobe Acrobat Reader 9.1.2
Adobe Acrobat Reader 9.5.1
Adobe Acrobat Reader 9.3.3
Adobe Acrobat Reader 9.3.1
Adobe Acrobat Reader 9.3
Adobe Acrobat Reader 9.1
Adobe Acrobat Reader 9.4.7
Adobe Acrobat Reader 9.5
Adobe Acrobat Reader 9.0
Adobe Acrobat Reader 9.3.4
Adobe Acrobat Reader 9.5.3
Adobe Acrobat Reader 9.4.1
Adobe Acrobat Reader 9.4.2
Adobe Acrobat Reader 9.2
Adobe Acrobat Reader 9.4.4
Adobe Acrobat Reader 9.4
1 EDB exploit
4 Articles
1000
VMScore
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started