Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2016-8920
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Kenexa Lms On Cloud 13.1
Ibm Kenexa Lms On Cloud 13.2.4
Ibm Kenexa Lms On Cloud 13.2.2
Ibm Kenexa Lms On Cloud 13.2.3
Ibm Kenexa Lms On Cloud 13.2
2.4
CVSSv3
CVE-2020-4811
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.
Ibm Cloud Pak For Security 1.4.0.0
Ibm Cloud Pak For Security 1.5.0.0
Ibm Cloud Pak For Security 1.5.0.1
Ibm Cloud Pak For Security 1.6.0.0
Ibm Cloud Pak For Security 1.6.0.1
8.8
CVSSv3
CVE-2018-1192
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions before 4.5.5, 4.8.x versions before 4.8.3, and 4.7.x versions before 4.7.4; and UAA-release 45.7.x versions before 45.7, 52.7.x versions before 52.7, and 53.3.x...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Cloud Foundry Uaa-release 53.3
Pivotal Software Cloud Foundry Uaa-release 52.7
Pivotal Software Cloud Foundry Uaa-release 45.7
Pivotal Software Cloud Foundry Cf-release
Pivotal Software Cloud Foundry Cf-deployment
4.3
CVSSv3
CVE-2023-22813
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a p...
Westerndigital My Cloud
Westerndigital Sandisk Ibi
Westerndigital My Cloud Home
Westerndigital My Cloud Os 5
5.3
CVSSv3
CVE-2018-1990
IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an malicious user to obtain sensitive configuration information using a specially crafted HTTP request. IBM X-Force ID: 154283.
Ibm Cloud App Management 2018.4.0
Ibm Cloud App Management 2018.4.1
Ibm Cloud App Management 2018.2.0
6.1
CVSSv3
CVE-2023-28166
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aakif Kadiwala Tags Cloud Manager plugin <= 1.0.0 versions.
Tags Cloud Manager Project Tags Cloud Manager
6.5
CVSSv3
CVE-2019-4397
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 up to and including 2.5.0.9 and 2.4 up to and including 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs...
Ibm Cloud Orchestrator Enterprise
Ibm Cloud Orchestrator
3.3
CVSSv3
CVE-2019-4398
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 up to and including 2.5.0.9 and 2.4 up to and including 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259.
Ibm Cloud Orchestrator
Ibm Cloud Orchestrator Enterprise
6.1
CVSSv3
CVE-2023-5914
Cross-site scripting (XSS)
Cloud Citrix Storefront 1912
Cloud Citrix Storefront
4.8
CVSSv3
CVE-2022-42462
Auth. Stored Cross-Site Scripting (XSS) vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin <= 5.00 versions.
Ip Blacklist Cloud Project Ip Blacklist Cloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »