Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm application gateway 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-22387
IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965.
Ibm Application Gateway 1.0
5
CVSSv2
CVE-2021-20576
IBM Security Verify Access 20.07 could allow a remote malicious user to send a specially crafted HTTP GET request that could cause the application to crash.
Ibm Application Gateway 1.0
Ibm Security Verify Access 20.07
2.1
CVSSv2
CVE-2021-20575
IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by another user on the system. X-Force ID: 199278.
Ibm Application Gateway 1.0
Ibm Security Verify Access 20.07
10
CVSSv2
CVE-2002-1689
Unknown vulnerability in the login program on AIX prior to 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.
Ibm Aix 3.2.5
10
CVSSv2
CVE-2001-0797
Buffer overflow in login in various System V based operating systems allows remote malicious users to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
Sgi Irix 3.2
Sgi Irix 3.3.2
Sgi Irix 3.3.3
Sgi Irix 3.3
Sgi Irix 3.3.1
Hp Hp-ux 10.01
Hp Hp-ux 10.10
Ibm Aix 4.3.1
Ibm Aix 4.3.2
Sco Openserver 5.0.5
Sco Openserver 5.0.6
Sun Solaris 2.4
Sun Sunos 5.5
Sun Sunos 5.7
Sun Solaris 7.0
Hp Hp-ux 11.0.4
Hp Hp-ux 11.00
Sco Openserver 5.0
Sco Openserver 5.0.1
Sun Sunos 5.1
Sun Sunos 5.2
Sun Solaris 2.5.1
8 EDB exploits
2 Github repositories
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
2.6
CVSSv2
CVE-2013-0169
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote malicious...
Openssl Openssl
Oracle Openjdk 1.7.0
Oracle Openjdk 1.6.0
Polarssl Polarssl 0.14.2
Polarssl Polarssl 0.11.0
Polarssl Polarssl 1.0.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 1.1.3
Polarssl Polarssl 0.12.1
Polarssl Polarssl 0.99
Polarssl Polarssl 0.11.1
Polarssl Polarssl 1.1.4
Polarssl Polarssl 0.14.0
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 0.14.3
Polarssl Polarssl 1.1.0
Polarssl Polarssl 0.10.1
Polarssl Polarssl 0.12.0
Polarssl Polarssl 0.10.0
11 Github repositories
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started