Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

james horseman vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2024-0204
Authentication bypass in Fortra's GoAnywhere MFT before 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
Fortra Goanywhere Managed File Transfer 6.0.0Fortra Goanywhere Managed File Transfer
8.1
CVSSv3
CVE-2023-26067
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
Lexmark Cxtpc FirmwareLexmark Cstpc FirmwareLexmark Mxtct FirmwareLexmark Mxtpm FirmwareLexmark Cxtmm FirmwareLexmark Mslsg FirmwareLexmark Mxlsg FirmwareLexmark Mslbd FirmwareLexmark Mxlbd FirmwareLexmark Msngm FirmwareLexmark Mxngm FirmwareLexmark Mxtgm FirmwareLexmark Msngw FirmwareLexmark Mstgw FirmwareLexmark Mxtgw FirmwareLexmark Cslbn FirmwareLexmark Cslbl FirmwareLexmark Cxlbn FirmwareLexmark Cxlbl FirmwareLexmark Csnzj FirmwareLexmark Cxtzj FirmwareLexmark Cxnzj Firmware
9.8
CVSSv3
CVE-2023-26068
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Lexmark Cxtpc FirmwareLexmark Cstpc FirmwareLexmark Mxtct FirmwareLexmark Mxtpm FirmwareLexmark Cxtmm FirmwareLexmark Mslsg FirmwareLexmark Mxlsg FirmwareLexmark Mslbd FirmwareLexmark Mxlbd FirmwareLexmark Msngm FirmwareLexmark Mxngm FirmwareLexmark Mxtgm FirmwareLexmark Msngw FirmwareLexmark Mstgw FirmwareLexmark Mxtgw FirmwareLexmark Cslbn FirmwareLexmark Cslbl FirmwareLexmark Cxlbn FirmwareLexmark Cxlbl FirmwareLexmark Csnzj FirmwareLexmark Cxtzj FirmwareLexmark Cxnzj Firmware
9.8
CVSSv3
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
9.8
CVSSv3
CVE-2022-1388
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reac...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement Manager
9.8
CVSSv3
CVE-2023-38035
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an malicious user to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Ivanti Mobileiron Sentry
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook