Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
remote code vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2013-3630
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor....
1 EDB exploit available
1 Metasploit module available
5
CVSSv2
CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read....
1 EDB exploit available
1 Github repository available
5
CVSSv2
CVE-2006-1517
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message....
1 Github repository available
6.5
CVSSv2
CVE-2006-1518
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values....
1 EDB exploit available
1 Github repository available
6.5
CVSSv2
CVE-2019-17107
minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this, but that is incorrect....
7.9
CVSSv2
CVE-2014-3560
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in...
1 Article available
6.8
CVSSv2
CVE-2012-5671
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary...
6.6
CVSSv2
CVE-2013-1762
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow....
7.2
CVSSv2
CVE-2018-3638
Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user....
2 Articles available
4.3
CVSSv2
CVE-2005-2869
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php....
1 EDB exploit available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-3480
CVE-2020-3559
encryption
reflected XSS
CVE-2020-3408
CVE-2020-1472
CVE-2020-13629
firmware
CVE-2020-3488
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulmon