Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
base vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25141
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a...
Apache Sling Jcr Base
4.3
CVSSv2
CVE-2021-31589
A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.
Beyondtrust Appliance Base Software
5 Github repositories
5
CVSSv2
CVE-2007-3556
Liesbeth base CMS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an include file containing account credentials via a direct request for config.inc.
Doubleflex Liesbeth Base Cms
1 EDB exploit
4.6
CVSSv2
CVE-2020-8474
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated malicious user to cause system functions to stop or malfunction.
Abb 800xa Base System
4.6
CVSSv2
CVE-2020-8487
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Abb 800xa Base System
6.8
CVSSv2
CVE-2020-8473
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and previous versions) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities co...
Abb 800xa Base System
7.2
CVSSv2
CVE-2002-0218
Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument.
Sas Sas Base 8.0
Sas Sas Base 8.1
Sas Sas Integration Technologies 8.0
Sas Sas Integration Technologies 8.1
7.2
CVSSv2
CVE-2002-0219
Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.
Sas Sas Integration Technologies 8.0
Sas Sas Integration Technologies 8.1
Sas Sas Base 8.1
Sas Sas Base 8.0
NA
CVE-2022-27494
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.
Aethon Tug Home Base Server
1 Article
NA
CVE-2022-26423
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.
Aethon Tug Home Base Server
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »