Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

web vulnerability scanner vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-27998
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager allows Reflected XSS.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a up t...
NA
CVE_2023_46805
Penetration testing of https://ris.ucll.be/ Tools used Nmap It looks like the host is running on Azure since the ports are open by default 1221 and 8172. This is also indicated by the fingerprint Microsoft Azure Web App. The Python webserver being used is Gunicorn, it is a Unix b...
9
CVSSv2
CVE-2021-21881
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulne...
Lantronix Premierwave 2050 Firmware 8.9.0.0
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0Apache Log4jSiemens Sppa-t3000 Ses3000 FirmwareSiemens Logo\\! Soft ComfortSiemens Spectrum Power 4 4.70Siemens Spectrum Power 4Siemens Siveillance Control ProSiemens Energyip Prepay 3.7Siemens Energyip Prepay 3.8Siemens Siveillance Identity 1.6Siemens Siveillance Identity 1.5Siemens Siveillance CommandSiemens Sipass Integrated 2.85Siemens Sipass Integrated 2.80Siemens Head-end System Universal Device Integration SystemSiemens Gma-managerSiemens Energyip 8.5Siemens Energyip 8.6Siemens Energyip 8.7Siemens Energyip 9.0Siemens Energy Engage 3.1Siemens E-car Operation Center
4.3
CVSSv2
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usu...
Apache Http Server 2.4.49Fedoraproject Fedora 34Fedoraproject Fedora 35Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Netapp Cloud Backup -
4
CVSSv2
CVE-2020-15942
An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated malicious user to read the password used by the FortiWeb scanner to access the device def...
Fortinet Fortiweb
4.3
CVSSv2
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Fedoraproject Fedora 33Oracle Api Gateway 11.1.2.4.0Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Business Intelligence 12.2.1.3.0Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Jd Edwards World Security A9.4Oracle Business Intelligence 12.2.1.4.0Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Business Intelligence 5.5.0.0.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Http Server 12.2.1.4.0Oracle Enterprise Manager For Storage Management 13.4.0.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle MysqlOracle Graalvm 19.3.4Oracle Graalvm 20.3.0Oracle Essbase 21.2
4.4
CVSSv2
CVE-2020-5674
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Epson Album Print -Epson Color Calibration Utility -Epson Colorbase -Epson Colorio Easy Print -Epson Connect -Epson Creativity Suite -Epson E-photo -Epson Easy Photo Print -Epson Easy Settings -Epson Imaging Workshop -Epson Link2 -Epson Multi-print Quicker -Epson Net Config -Epson Net Config Se -Epson Net Print -Epson Net Software Development Kit -Epson Photolier -Epson Photoquicker -Epson Photostarter 3.1Epson Pm-t990 Integrated Installer -Epson Print -Epson Print Image Framer Tool -
7.5
CVSSv2
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5Citrix Application Delivery Controller Firmware 11.1Citrix Application Delivery Controller Firmware 12.0Citrix Application Delivery Controller Firmware 12.1Citrix Application Delivery Controller Firmware 13.0Citrix Netscaler Gateway Firmware 10.5Citrix Netscaler Gateway Firmware 11.1Citrix Netscaler Gateway Firmware 12.0Citrix Netscaler Gateway Firmware 12.1Citrix Gateway Firmware 13.0
7.5
CVSSv2
CVE-2017-11673
Reporter.exe in Acunetix 8 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at reporter!madTraceProcess."
Acunetix Web Vulnerability Scanner 8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook