Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

johannes greil vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2011-3923
Apache Struts prior to 2.3.1.2 allows remote malicious users to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
Apache StrutsRedhat Jboss Enterprise Web Server 1.0.0
7.8
CVSSv3
CVE-2018-13108
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP creden...
Adbglobal Dv2210 Firmware -Adbglobal Vv2220 Firmware -Adbglobal Vv5522 Firmware -Adbglobal Prg Av4202n Firmware -
7.5
CVSSv3
CVE-2019-15046
Zoho ManageEngine ServiceDesk Plus 10 prior to 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.
Zohocorp Manageengine Servicedesk Plus
7.5
CVSSv3
CVE-2018-13109
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be ...
Adbglobal Dv2210 Firmware -Adbglobal Vv2220 Firmware -Adbglobal Vv5522 Firmware -Adbglobal Prg Av4202n Firmware -
7.5
CVSSv3
CVE-2018-13110
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
Adbglobal Dv2210 Firmware -Adbglobal Vv2220 Firmware -Adbglobal Vv5522 Firmware -Adbglobal Prg Av4202n Firmware -
5.3
CVSSv3
CVE-2019-15045
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality
Zohocorp Manageengine Servicedesk Plus
NA
CVE-2005-4550
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote malicious users to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
Oracle Application Server Discussion Forum Portlet
NA
CVE-2005-4189
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 prior to 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category a...
Horde Kronolith H3 2.0.2Horde Kronolith H3 2.0.2 Rc1Horde Kronolith H3 2.0 BetaHorde Kronolith H3 2.0 Rc1Horde Kronolith H3 2.0Horde Kronolith H3 2.0.1Horde Kronolith H3 2.0.5Horde Kronolith H3 2.0 AlphaHorde Kronolith H3 2.0.3Horde Kronolith H3 2.0.3 Rc1Horde Kronolith H3 2.0 Rc2Horde Kronolith H3 2.0 Rc3Horde Kronolith H3 2.0.4Horde Kronolith H3 2.0.4 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook