Vulmon
micha borrmann vulnerabilities and exploits
9.8
CVSSv3
CVE-2018-19783
Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel.
Kentix Multisensor-lan Firmware
6.5
CVSSv3
CVE-2016-9207
A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote malicious user to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. Affected Products: This vulnerability ...
Cisco Expressway X8.8.3
Cisco Expressway X8.7.2
7.4
CVSSv3
CVE-2019-19199
REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout.
Reddoxx Maildepot 2032
5.3
CVSSv3
CVE-2020-10110
Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache headers on Citrix ADC. The "Via" header lists cache protocols and recipient...
Citrix Gateway Firmware 11.1
Citrix Gateway Firmware 12.0
Citrix Gateway Firmware 12.1
5.4
CVSSv3
CVE-2020-10112
Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies ...
Citrix Gateway Firmware 11.1
Citrix Gateway Firmware 12.0
Citrix Gateway Firmware 12.1
8.8
CVSSv3
CVE-2019-19200
REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users.
Reddoxx Maildepot 2032
5.9
CVSSv3
CVE-2014-2845
Cyberduck prior to 4.4.4 on Windows does not properly validate X.509 certificate chains, which allows man-in-the-middle malicious users to spoof FTP-SSL servers via a certificate issued by an arbitrary root Certification Authority.
Cyberduck Cyberduck
6.1
CVSSv3
CVE-2018-19694
HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form.
Hms-networks Netbiter Ws100 Firmware
Hms-networks Netbiter Ws200 Firmware
Hms-networks Netbiter Ec150 Firmware
Hms-networks Netbiter Ec250 Firmware
Hms-networks Netbiter Lc310 Firmware
Hms-networks Netbiter Lc310 Thingworx Firmware
Hms-networks Netbiter Lc350 Firmware
Hms-networks Netbiter Lc350 Thingworx Firmware
7.5
CVSSv3
CVE-2020-10111
Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization
Citrix Gateway Firmware 11.1
Citrix Gateway Firmware 12.0
Citrix Gateway Firmware 12.1
NA
CVE-2006-0706
Cross-site scripting vulnerability in eintrag.php in Gästebuch (Gastebuch) prior to 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is used in the homepage parameter.
Gastebuch Gastebuch
1 EDB exploit