Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
protection center vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-12696
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote malicious user to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details sect...
Cisco Firepower 6.2.3.1
Cisco Firepower 6.3.0
Cisco Firepower 6.2.3.7
Cisco Firepower 6.4.0
445
VMScore
CVE-2018-0455
A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause the device to run low on system memory, possibly preventing the devic...
Cisco Firepower System Software 6.0.1
Cisco Firepower System Software 6.2.1
Cisco Firepower System Software 6.1.0
Cisco Firepower System Software 6.2.0.2
Cisco Firepower System Software 6.2.2
Cisco Firepower System Software 6.0
Cisco Firepower System Software 6.2.0
Cisco Firepower System Software 6.2.3
517
VMScore
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Tenable Tenable.sc
Tenable Nessus Network Monitor
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Oracle Mysql Workbench
2 Github repositories
571
VMScore
CVE-2020-24977
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
Xmlsoft Libxml2 2.9.10
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Snapdrive -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager
Netapp Manageability Software Development Kit -
Netapp Inventory Collect Tool -
Netapp Hci H410c Firmware -
Oracle Http Server 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
510
VMScore
CVE-2010-1870
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 up to and including 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote malicious users to modify server-side context objects an...
Apache Struts 2.0.8
Apache Struts 2.0.9
Apache Struts 2.0.3
Apache Struts 2.0.11.2
Apache Struts 2.0.11.1
Apache Struts 2.0.10
Apache Struts 2.0.5
Apache Struts 2.0.2
Apache Struts 2.1.5
Apache Struts 2.1.4
Apache Struts 2.0.1
Apache Struts 2.1.3
Apache Struts 2.1.2
Apache Struts 2.0.7
Apache Struts 2.0.11
Apache Struts 2.0.14
Apache Struts 2.0.13
Apache Struts 2.1.1
Apache Struts 2.1.0
Apache Struts 2.0.0
Apache Struts 2.0.6
Apache Struts 2.0.4
2 EDB exploits
1 Article
605
VMScore
CVE-2021-3518
There's a flaw in libxml2 in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...
Xmlsoft Libxml2
Debian Debian Linux 9.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
Oracle Real User Experience Insight 13.5.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
892
VMScore
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
383
VMScore
CVE-2021-3537
A vulnerability found in libxml2 in versions prior to 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the applic...
Xmlsoft Libxml2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Openjdk 8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
668
VMScore
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
605
VMScore
CVE-2021-1422
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexp...
Cisco Adaptive Security Appliance Software 9.16.1
Cisco Firepower Threat Defense 7.0.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »