Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
falcon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2841
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806. It has been classified as problematic. Affected is an unknown function of the component Uninstallation Handler. The manipulation leads to missing authorization. It is possible to launch the attack...
Crowdstrike Falcon 6.42.15610
Crowdstrike Falcon 6.31.14505.0
Crowdstrike Falcon 6.44.15806
1 Github repository
5
CVSSv2
CVE-1999-0882
Falcon web server allows remote malicious users to determine the absolute path of the web root via long file names.
Falcon Falcon Web Server 1.0.0.1006
7.5
CVSSv2
CVE-2022-26245
Falcon-plus v0.3 exists to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go.
Open-falcon Falcon-plus 0.3
4.3
CVSSv2
CVE-2002-2318
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 up to and including 2.0.0.1021 allows remote malicious users to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
Blueface Falcon Web Server 2.0.0.1009
Blueface Falcon Web Server 2.0.0.1021
Blueface Falcon Web Server 2.0.0.1021 Ssl
Blueface Falcon Web Server 2.0.0.1020
1 EDB exploit
4.3
CVSSv2
CVE-2014-3110
Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and previous versions and FALCON XLWeb XLWebExe controller devices 2.02.11 and previous versions allow remote malicious users to inject arbitrary web script or HTML via ...
Honeywell Falcon Xlweb Linux Controller
Honeywell Falcon Xlweb Xlwebexe
1 EDB exploit
7.6
CVSSv2
CVE-2014-2717
Honeywell FALCON XLWeb Linux controller devices 2.04.01 and previous versions and FALCON XLWeb XLWebExe controller devices 2.02.11 and previous versions allow remote malicious users to bypass authentication and obtain administrative access by visiting the change-password page.
Honeywell Falcon Xlweb Linux Controller
Honeywell Falcon Xlweb Xlwebexe
7.5
CVSSv2
CVE-2002-0899
Falcon web server 2.0.0.1021 and previous versions allows remote malicious users to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot).
Blueface Falcon Web Server 2.0.0.1021
Blueface Falcon Web Server 2.0.0.1021 Ssl
5
CVSSv2
CVE-2002-0275
Falcon web server 2.0.0.1020 and previous versions allows remote malicious users to bypass authentication and read restricted files via an extra / (slash) in the requested URL.
Blueface Falcon Web Server 2.0.0.1009
Blueface Falcon Web Server 2.0.0.1020
NA
CVE-2021-27523
An issue exists in open-falcon dashboard version 0.2.0, allows remote malicious users to gain, modify, and delete sensitive information via crafted POST request to register interface.
Open-falcon Dashboard 0.2.0
5
CVSSv2
CVE-1999-0881
Falcon web server allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Blueface Falcon Web Server 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »