Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-20230
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to read, modify, or delete non-tenant policies (for example, access policies) created by users associa...
Cisco Application Policy Infrastructure Controller
NA
CVE-2003-1521
Sun Java Plug-In 1.4 up to and including 1.4.2_02 allows remote malicious users to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
Sun Java Plug-in 1.4
Sun Java Plug-in 1.4.2
Sun Java Plug-in 1.4.2 01
Sun Java Plug-in 1.4.2 02
1 EDB exploit
9.8
CVSSv3
CVE-2018-0130
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote malicious user to gain administrative access to an affected system. The vulnerability is due to the presence of stati...
Cisco Virtual Managed Services 3.0
NA
CVE-2001-1188
mailto.exe in Brian Dorricott MAILTO 1.0.9 and previous versions allows remote malicious users to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.
Brian Dorricott Mailto 1.0.7
Brian Dorricott Mailto 1.0.8
Brian Dorricott Mailto 1.0.9
1 EDB exploit
5.8
CVSSv3
CVE-2016-1321
Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote malicious users to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an ...
Cisco Universal Small Cell Firmware R3.4 Base
Cisco Universal Small Cell Firmware R3.3 Base
Cisco Universal Small Cell Firmware R2.12 Base
Cisco Universal Small Cell Firmware R3.4 2.17
Cisco Universal Small Cell Firmware R3.4 2.1
Cisco Universal Small Cell Firmware R2.16 Base
Cisco Universal Small Cell Firmware R2.15 Base
Cisco Universal Small Cell Firmware R3.4 1.1
Cisco Universal Small Cell Firmware R3.5 Base
Cisco Universal Small Cell Firmware R2.14 Base
Cisco Universal Small Cell Firmware R2.13 Base
Cisco Universal Small Cell Firmware R3.2 Base
Cisco Universal Small Cell Firmware R2.17 Base
7.5
CVSSv3
CVE-2016-1322
The REST interface in Cisco Spark 2015-07-04 allows remote malicious users to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.
Cisco Spark 2015-07-04 Base
7.5
CVSSv3
CVE-2022-37255
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL075526460603.
Tp-link Tapo C310 Firmware 1.3.0
8.1
CVSSv3
CVE-2016-6377
Media Origination System Suite Software 2.6 and previous versions in Cisco Virtual Media Packager (VMP) allows remote malicious users to bypass authentication and make arbitrary Platform and Applications Manager (PAM) API calls via unspecified vectors, aka Bug ID CSCuz52110.
Cisco Media Origination System Suite 2.3 Base
Cisco Media Origination System Suite 2.3\\(7\\)
Cisco Media Origination System Suite 2.3\\(8\\)
Cisco Media Origination System Suite 2.4\\(1\\)
Cisco Media Origination System Suite 2.3\\(2\\)
Cisco Media Origination System Suite 2.3\\(6\\)
Cisco Media Origination System Suite 2.6 Base
Cisco Media Origination System Suite 2.3\\(1\\)
Cisco Media Origination System Suite 2.4 Base
Cisco Media Origination System Suite 2.5 Base
Cisco Media Origination System Suite 2.5\\(0\\)
Cisco Media Origination System Suite 2.5\\(1\\)
NA
CVE-2005-2729
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote malicious users to bypass firewall rules and connect to local services.
Astaro Security Linux 6.001
1 EDB exploit
NA
CVE-2015-6395
Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote malicious users to modify the configuration via a direct request, aka Bug ID CSCuw48188.
Cisco Prime Service Catalog 10.1 Base
Cisco Prime Service Catalog 10.0 Base
Cisco Prime Service Catalog 11.0 Base
Cisco Prime Service Catalog 10.0\\(r2\\) Base
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »