Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inject vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-15983
A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges...
Cisco Data Center Network Manager
1 Article
890
VMScore
CVE-2019-15975
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
890
VMScore
CVE-2019-15976
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
694
VMScore
CVE-2019-15977
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
356
VMScore
CVE-2019-15999
A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to a...
Cisco Data Center Network Manager
1 Article
801
VMScore
CVE-2019-15984
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administra...
Cisco Data Center Network Manager
1 Article
516
VMScore
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
691
VMScore
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.1.8
Apache Struts 2.1.8.1
Apache Struts 2.3.1.2
Apache Struts 2.3.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.3
Apache Struts 2.3.28
Apache Struts 2.3.28.1
Apache Struts 2.5.3
Apache Struts 2.5.4
Apache Struts 2.5.10.1
Apache Struts 2.5.11
Apache Struts 2.1.2
Apache Struts 2.2.1
Apache Struts 2.2.1.1
Apache Struts 2.3.4
Apache Struts 2.3.4.1
Apache Struts 2.3.15
Apache Struts 2.3.15.1
Apache Struts 2.3.20
1 EDB exploit
20 Github repositories
3 Articles
605
VMScore
CVE-2011-1431
The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the netqmail-1.06-tls patch for netqmail 1.06 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending a cleartext command tha...
Frederik Vermeulen Netqmail 1.06
605
VMScore
CVE-2011-1430
The STARTTLS implementation in the server in Ipswitch IMail 11.03 and previous versions does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after ...
Ipswitch Imail 8.22
Ipswitch Imail 8.11
Ipswitch Imail 6.1
Ipswitch Imail 6.0.2
Ipswitch Imail 6.0
Ipswitch Imail 6.0.1
Ipswitch Imail 7.0.5
Ipswitch Imail 7.0.2
Ipswitch Imail 7.0.3
Ipswitch Imail 8.0.3
Ipswitch Imail 8.0.5
Ipswitch Imail 11
Ipswitch Imail 10.02
Ipswitch Imail 6.00
Ipswitch Imail 6.06
Ipswitch Imail 2006.1
Ipswitch Imail 5.0.8
Ipswitch Imail 5.0.5
Ipswitch Imail 7.0.4
Ipswitch Imail 8.1
Ipswitch Imail 8.12
Ipswitch Imail 11.02
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »