Vulmon
security vulnerabilities and exploits
NA
CVE-2007-1359
Interpretation conflict in ModSecurity (mod_security) 2.1.0 and previous versions allows remote malicious users to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ (0x00) byte, which mod_security treats as a terminator even though it is...
Mod Security Mod Security 1.7.1
Mod Security Mod Security 2.1
Mod Security Mod Security 1.7
Mod Security Mod Security 1.7.2
Mod Security Mod Security 1.9.4
Mod Security Mod Security 1.7.5
Mod Security Mod Security 1.7.4
1 EDB exploit
NA
CVE-2014-4664
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin prior to 5.1.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.
Wordfence Security Project Wordfence Security 5.0.1
Wordfence Security Project Wordfence Security 5.1.2
Wordfence Security Project Wordfence Security 5.0.5
Wordfence Security Project Wordfence Security 5.0.2
Wordfence Security Project Wordfence Security 5.0.7
Wordfence Security Project Wordfence Security 5.0.4
Wordfence Security Project Wordfence Security 5.0.9
Wordfence Security Project Wordfence Security 5.1.1
Wordfence Security Project Wordfence Security 5.0.8
Wordfence Security Project Wordfence Security 5.0.3
Wordfence Security Project Wordfence Security 5.0.6
2 Github repositories
NA
CVE-2013-0531
The SSL implementation in IBM Security AppScan Enterprise prior to 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 8.6.0.2
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 6.1.1.0
NA
CVE-2013-2997
IBM Security AppScan Enterprise prior to 8.7 does not invalidate the session context upon a logout action, which allows remote malicious users to hijack sessions by leveraging an unattended workstation.
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 6.1.1.0
7.3
CVSSv3
CVE-2016-3102
The Script Security plugin prior to 1.18.1 in Jenkins might allow remote malicious users to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
Jenkins Script Security 1.1
Jenkins Script Security 1.6
Jenkins Script Security 1.11
Jenkins Script Security 1.2
Jenkins Script Security 1.8
Jenkins Script Security 1.9
Jenkins Script Security 1.18
Jenkins Script Security 1.4
Jenkins Script Security 1.10
Jenkins Script Security 1.15
Jenkins Script Security 1.16
Jenkins Script Security 1.14
Jenkins Script Security 1.13
Jenkins Script Security 1.7
Jenkins Script Security 1.5
Jenkins Script Security 1.17
Jenkins Script Security 1.12
Jenkins Script Security 1.3
Jenkins Script Security 1.0
NA
CVE-2013-5453
IBM Security AppScan Enterprise 5.6 up to and including 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 5.6.0.0
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 8.6.0.2
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 6.1.1.0
NA
CVE-2013-2197
The Login Security module 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3 for Drupal, when using the login delay option, allows remote malicious users to cause a denial of service (CPU consumption) via a large number of failed login attempts.
Login Security Project Login Security 6.x-1.0
Login Security Project Login Security 6.x-1.1
Login Security Project Login Security 6.x-1.2
Login Security Project Login Security 6.x-1.3
Login Security Project Login Security 6.x-1.x
Login Security Project Login Security 7.x-1.0
Login Security Project Login Security 7.x-1.1
Login Security Project Login Security 7.x-1.2
Login Security Project Login Security 7.x-1.x
NA
CVE-2007-5580
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 prior to 4.5.1.672, 5.0 prior to 5.0.0.225, 5.1 prior to 5.1.0.106, and 5.2 prior to 5.2.0.238 on Windows allows remote malicious users to execute arbitrary code via a crafted SMB packet in a TCP session on port (1...
Cisco Security Agent 4.5.1.639
Cisco Security Agent 4.5.1
Cisco Security Agent 5.1
Cisco Security Agent 4.5.1.659
Cisco Security Agent 5.0.193
Cisco Security Agent 4.0.3.728
Cisco Security Agent 5.0
Cisco Security Agent 4.0.3
Cisco Security Agent 5.0.0.201
Cisco Security Agent 5.2
Cisco Security Agent 4.0.2
Cisco Security Agent 3
Cisco Security Agent 4.0
Cisco Security Agent 4.5.1.657
Cisco Security Agent 4.5
Cisco Security Agent 2.1
Cisco Security Agent 4.0.1
Cisco Security Agent 5.1.79
NA
CVE-2014-6136
IBM Security AppScan Standard 8.x and 9.x prior to 9.0.1.1 FP1 supports unencrypted sessions, which allows remote malicious users to obtain sensitive information by sniffing the network.
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 9.0.0.1
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 9.0.1.1
Ibm Security Appscan 8.0.0.3
Ibm Security Appscan 9.0.1.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.8.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 9.0.0.0
NA
CVE-2014-8918
IBM Security AppScan Standard 8.x and 9.x prior to 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 9.0.0.1
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 9.0.1.1
Ibm Security Appscan 8.0.0.3
Ibm Security Appscan 9.0.1.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.8.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 9.0.0.0