Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
service provider vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-25341
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.
Samsung S Assistant
2.1
CVSSv2
CVE-2021-25342
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
Samsung Members
5
CVSSv2
CVE-2020-1967
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or u...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Mysql
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Mysql Enterprise Monitor
Oracle Mysql Workbench
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.3.0.0
Oracle Mysql Connectors
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Server 12.1.3
7 Github repositories
1 Article
5
CVSSv2
CVE-2021-25330
Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider.
Google Android 10.0
9.3
CVSSv2
CVE-2006-5559
The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR...
Microsoft Data Access Components 2.5
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7
1 EDB exploit
9.3
CVSSv2
CVE-2009-3476
Buffer overflow in OpenSAML prior to 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x prior to 1.3.4, and XMLTooling prior to 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x prior to 2.2.1, allows remote malicious users to cause a denial o...
Internet2 Shibboleth-sp 1.3.2
Internet2 Shibboleth-sp 1.3.3
Internet2 Shibboleth-sp 1.3.1
Internet2 Shibboleth-sp 1.3f
Internet2 Opensaml 1.1
Internet2 Opensaml 1.1.1
Internet2 Xmltooling 1.1.0
Internet2 Xmltooling 1.0.1
Internet2 Xmltooling 1.1.1
Internet2 Xmltooling 1.2.0
Internet2 Xmltooling 1.2.1
Internet2 Shibboleth-sp 2.0
Internet2 Shibboleth-sp 2.1
Internet2 Shibboleth-sp 2.2
2.1
CVSSv2
CVE-2021-1546
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI ...
Cisco Sd-wan Vbond Orchestrator
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager
Cisco Vsmart Controller Firmware
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vedge Cloud Firmware
6.1
CVSSv2
CVE-2019-1849
A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent malicious user to trigger a denial of service (DoS) condition on an affected device. ...
Cisco Ios Xr
7.5
CVSSv2
CVE-2016-9841
inffast.c in zlib 1.2.8 might allow context-dependent malicious users to have unspecified impact by leveraging improper pointer arithmetic.
Zlib Zlib
Opensuse Leap 42.2
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Oracle Mysql
Oracle Database Server 18c
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 7.4
1 Github repository
NA
CVE-2024-29212
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »