Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fuse vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-1320
Apache Thrift Java client library versions 0.5.0 up to and including 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in...
Apache Thrift
Debian Debian Linux 8.0
F5 Traffix Signaling Delivery Controller
Oracle Global Lifecycle Management Opatch
Oracle Nosql Database
356
VMScore
CVE-2018-3831
Elasticsearch Alerting and Monitoring in versions prior to 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens...
Elastic Elasticsearch
446
VMScore
CVE-2022-23596
Junrar is an open source java RAR archive library. In affected versions A carefully crafted RAR archive can trigger an infinite loop while extracting said archive. The impact depends solely on how the application uses the library, and whether files can be provided by malignant us...
Junrar Project Junrar
171
VMScore
CVE-2020-15250
In JUnit4 from version 4.7 and prior to 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories...
Junit Junit4
Debian Debian Linux 9.0
Apache Pluto
Oracle Communications Cloud Native Core Policy 1.14.0
6 Github repositories
312
VMScore
CVE-2019-2692
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors execu...
Oracle Mysql Connector\\/j
668
VMScore
CVE-2019-3773
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Pivotal Software Spring Web Services
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Financial Services Analytical Applications Infrastructure
668
VMScore
CVE-2019-3774
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Pivotal Software Spring Batch
Pivotal Software Spring Batch 4.1.0
445
VMScore
CVE-2016-5051
OSRAM SYLVANIA Osram Lightify Home prior to 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.
Osram Lightify Home
1 Article
445
VMScore
CVE-2016-5052
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
Osram Lightify Home
1 Article
445
VMScore
CVE-2016-5054
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
Osram Lightify Home
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »