Vulmon
alex haynes vulnerabilities and exploits
NA
CVE-2015-3623
XML external entity (XXE) vulnerability in QlikTech Qlikview prior to 11.20 SR12 allows remote malicious users to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.
Qlik Qlikview
1 EDB exploit
7.2
CVSSv3
CVE-2014-5362
The admin interface in Landesk Management Suite 9.6 and previous versions allows remote malicious users to conduct remote file inclusion attacks involving ASPX pages from third-party sites via the d parameter to (1) ldms/sm_actionfrm.asp or (2) remote/frm_coremainfrm.aspx; or the...
Landesk Landesk Management Suite
NA
CVE-2014-5360
Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite prior to 9.6 SP1 allows remote malicious users to inject arbitrary web script or HTML via the AMTVersion parameter to remote/serverlist_grouptree.aspx.
Landesk Landesk Management Suite
NA
CVE-2014-5361
Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serv...
Landesk Landesk Management Suite
6.1
CVSSv3
CVE-2016-6484
CRLF injection vulnerability in Infoblox Network Automation NetMRI prior to 7.1.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.
Infoblox Netmri
6.5
CVSSv3
CVE-2015-5361
Background: For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent...
Juniper Junos 12.1x44
Juniper Junos 12.1x46
Juniper Junos 12.1x46-d10
Juniper Junos 12.1x47
Juniper Junos 12.3x48
Juniper Junos 15.1x49
NA
CVE-2015-4107
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was intended functionality. Notes: none
1 EDB exploit
NA
CVE-2015-4018
SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin prior to 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to w...
Feedwordpress Project Feedwordpress
1 EDB exploit