Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeroscience.mk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2017-964430
Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
10
CVSSv2
CVE-2020-12133
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems up to and including 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.
Farukawa Electric Consciousmap
NA
CVE-2015-528521
Kallithea suffers from a HTTP header injection (response splitting) vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'came_from' parameter in the login instance. This type of attack not only allows a mali...
3.5
CVSSv2
CVE-2015-2269
Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.9, 2.7.x prior to 2.7.6, and 2.8.x prior to 2.8.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) alt or (2) t...
Moodle Moodle 2.5.6
Moodle Moodle 2.5.5
Moodle Moodle 2.5.4
Moodle Moodle 2.5.3
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.4
Moodle Moodle 2.6.1
Moodle Moodle 2.6.2
Moodle Moodle 2.6.3
Moodle Moodle 2.6.4
Moodle Moodle 2.8.3
Moodle Moodle 2.5.8
Moodle Moodle 2.5.1
Moodle Moodle 2.6.0
Moodle Moodle 2.6.5
Moodle Moodle 2.6.7
Moodle Moodle 2.7.0
Moodle Moodle 2.7.5
Moodle Moodle 2.8.1
Moodle Moodle
1 EDB exploit
5
CVSSv2
CVE-2018-18428
TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI.
Tp-link Tl-sc3130 Firmware 1.6.18p12 121101
1 EDB exploit
4.3
CVSSv2
CVE-2012-2172
Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager prior to 10.83.xx.18 on DS Series devices allows remote malicious users to inject arbitrary web script or HTML via the updateRegn parameter...
Ibm Ds Storage Manager Host Software 10.60.x5.14
Ibm Ds Storage Manager Host Software 10.8
Ibm Ds Storage Manager Host Software
Ibm Ds4100
Ibm System Storage Dcs3700 Storage Subsystem 1818
Ibm System Storage Ds3200 1726
Ibm System Storage Ds5100 Storage Controller 1818
Ibm System Storage Ds5300 Storage Controller 1818
Ibm Ds4100 1724
Ibm Ds4200 1814
Ibm Ds4300 1722
Ibm System Storage Ds3300 1726
Ibm System Storage Ds3400 1726
Ibm Ds4400 1742
Ibm Ds4500 1742
Ibm System Storage Ds3512 1746
Ibm System Storage Ds3524 1746
Ibm Ds4700 1814
Ibm Ds4800 1815
Ibm System Storage Ds3950 Express 1814
Ibm System Storage Ds5020 Disk Controller 1814-20a
1 EDB exploit
NA
CVE-2015-771405
Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
6.8
CVSSv2
CVE-2015-7715
Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component prior to 8.9.5 for Joomla! allows remote malicious users to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php.
Realtyna Realtyna Property Listing
1 EDB exploit
9.3
CVSSv2
CVE-2011-0614
Buffer overflow in Adobe Audition 3.0.1 and previous versions allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file.
Adobe Audition 3.0
Adobe Audition
1 EDB exploit
4.4
CVSSv2
CVE-2014-9416
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4) airpcap.dll.
Huawei Espace Desktop
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »