Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adx vulnerabilities and exploits
(subscribe to this query)
481
VMScore
CVE-2013-7306
The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote malicious users to cause a denial of service (routing dis...
Brocade Netiron Cer -
Brocade Netiron Ces -
Brocade Vdx -
Brocade Fastiron -
Brocade Mlx -
Brocade Turboiron -
Brocade Adx -
Brocade Netiron Xmr -
Brocade Icx -
Brocade Bigiron Rx -
Brocade Vyatta -
446
VMScore
CVE-2022-21935
A vulnerability in Metasys ADS/ADX/OAS 10 versions before 10.1.5 and Metasys ADS/ADX/OAS 11 versions before 11.0.2 allows unverified password change.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Open Application Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0
Johnsoncontrols Metasys Extended Application And Data Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0.1
Johnsoncontrols Metasys Extended Application And Data Server 11.0.1
Johnsoncontrols Metasys Open Application Server 11.0.1
Johnsoncontrols Metasys Application And Data Server
Johnsoncontrols Metasys Extended Application And Data Server
188
VMScore
CVE-2022-21937
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions before 10.1.5 and Metasys ADS/ADX/OAS 11 versions before 11.0.2 could allow a user to inject malicious code into the web interface.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Open Application Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0
Johnsoncontrols Metasys Extended Application And Data Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0.1
Johnsoncontrols Metasys Extended Application And Data Server 11.0.1
Johnsoncontrols Metasys Open Application Server 11.0.1
Johnsoncontrols Metasys Application And Data Server
Johnsoncontrols Metasys Extended Application And Data Server
312
VMScore
CVE-2022-21938
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions before 10.1.5 and Metasys ADS/ADX/OAS 11 versions before 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Open Application Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0
Johnsoncontrols Metasys Extended Application And Data Server 11.0
Johnsoncontrols Metasys Application And Data Server 11.0.1
Johnsoncontrols Metasys Extended Application And Data Server 11.0.1
Johnsoncontrols Metasys Open Application Server 11.0.1
Johnsoncontrols Metasys Application And Data Server
Johnsoncontrols Metasys Extended Application And Data Server
535
VMScore
CVE-2022-21934
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions before 10.1.5 and Metasys ADS/ADX/OAS server 11 versions before 11.0.2.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Extended Application And Data Server
Johnsoncontrols Metasys Application And Data Server
NA
CVE-2022-21936
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI.
Johnsoncontrols Metasys Extended Application And Data Server 12.0
756
VMScore
CVE-2021-36207
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Extended Application And Data Server
Johnsoncontrols Metasys Application And Data Server
570
VMScore
CVE-2019-7594
Metasys® ADS/ADX servers and NAE/NIE/NCE engines before 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
Johnsoncontrols Metasys System
NA
CVE-2021-36200
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions before 10.1.6 and 11 versions before 11.0.2 and enumerate users.
Johnsoncontrols Metasys Open Application Server
Johnsoncontrols Metasys Extended Application And Data Server
Johnsoncontrols Metasys Application And Data Server
570
VMScore
CVE-2019-7593
Metasys® ADS/ADX servers and NAE/NIE/NCE engines before 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal (SMP).
Johnsoncontrols Metasys System
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »