Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
supervisor a firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2019-17659
A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user 'tunneluser' by leveraging knowledge of the private key from another installation or a firmware ima...
7.2
CVSSv2
CVE-2019-1649
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local malicious user to write a modified firmware image to the component. This vulnerability affects mul...
Cisco Asa 5500 Firmware
Cisco Firepower 2100 Firmware
Cisco Firepower 4000 Firmware
Cisco Firepower 9000 Firmware
Cisco Ons 15454 Mstp Firmware
Cisco Analog Voice Network Interface Modules Firmware
Cisco Integrated Services Router T1\\/e1 Voice And Wan Network Interface Modules Firmware
Cisco Supervisor A\\+ Firmware
Cisco Supervisor B\\+ Firmware
Cisco 15454-m-wse-k9 Firmware
Cisco Ios Xe
Cisco Ios
Cisco Industrial Security Appliances 3000 Firmware
Cisco Integrated Services Router 4200 Firmware
Cisco Integrated Services Router 4300 Firmware
Cisco Integrated Services Router 4400 Firmware
Cisco Asr 1000 Series Firmware
Cisco Asr 1001 Firmware 16.0.0
Cisco Ios Xr 7.0.1
Cisco Catalyst 9800-40 Wireless Controller Firmware -
Cisco Catalyst 9800-80 Wireless Controller Firmware -
Cisco Ic3000-k9 Firmware
2 Articles
10
CVSSv2
CVE-2002-0012
Vulnerabilities in a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into m...
Snmp Snmp
10
CVSSv2
CVE-2002-0013
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test...
Snmp Snmp
1 EDB exploit
7.2
CVSSv2
CVE-2018-7522
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow malicious users to gain supervisor-level access and control system states.
Schneider-electric Triconex Tricon Mp 3008 Firmware
5
CVSSv2
CVE-2017-17974
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote malicious users to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative...
Basystems Bas920 Firmware 01.01.00
Basystems Isc2000 Firmware 01.01.00
4.3
CVSSv2
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
NA
CVE-2023-28770
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated malicious user to read the system files and to retrieve the pa...
Zyxel Dx5401-b0 Firmware
6.8
CVSSv2
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »