Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
information technology vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2019-0099
Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Intel Server Platform Services Firmware
9.8
CVSSv3
CVE-2019-0153
Buffer overflow in subsystem in Intel(R) CSME 12.0.0 up to and including 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Intel Converged Security Management Engine Firmware
6.7
CVSSv3
CVE-2019-0170
Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware
6.7
CVSSv3
CVE-2019-0089
Improper data sanitization vulnerability in subsystem in Intel(R) SPS prior to SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Server Platform Services
7.8
CVSSv3
CVE-2019-0086
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME prior to 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware
Intel Trusted Execution Engine Firmware
6.8
CVSSv3
CVE-2019-0098
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE prior to 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Intel Converged Security Management Engine Firmware
Intel Trusted Execution Engine Firmware
7.5
CVSSv3
CVE-2020-11993
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "in...
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
NA
CVE-2002-0071
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows malicious users to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
9.8
CVSSv3
CVE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
7 Github repositories
7.5
CVSSv3
CVE-2021-1223
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could ...
Cisco Firepower Management Center 2.9.14.0
Cisco Firepower Management Center 2.9.15
Cisco Firepower Management Center 2.9.16
Cisco Firepower Threat Defense
Cisco Ios Xe
Snort Snort
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »