Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
system recovery vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-0285
The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and then...
Openssl Openssl 1.0.2
4.3
CVSSv2
CVE-2014-8006
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote malicious users to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422.
Cisco Isb8320-e High-definition Ip-only Dvr -
4
CVSSv2
CVE-2022-26778
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. This could allow a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to...
Veritas System Recovery 18.0
Veritas System Recovery 21
4
CVSSv2
CVE-2021-3541
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
Xmlsoft Libxml2
Redhat Jboss Core Services -
Oracle Zfs Storage Appliance Kit 8.8
Netapp Active Iq Unified Manager -
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Manageability Software Development Kit -
Netapp Ontap Select Deploy Administration Utility -
Netapp Smi-s Provider -
Netapp Snapdrive -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
4
CVSSv2
CVE-2019-1953
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the d...
Cisco Enterprise Network Function Virtualization Infrastructure
4
CVSSv2
CVE-2014-0746
The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536.
Cisco Unified Contact Center Express Editor Software -
4
CVSSv2
CVE-2013-6978
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and previous versions allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj3924...
Cisco Unified Communications Manager 9.0\\(1\\)
Cisco Unified Communications Manager 8.6\\(4\\)
Cisco Unified Communications Manager 8.6\\(1\\)
Cisco Unified Communications Manager 8.6
Cisco Unified Communications Manager 8.5
Cisco Unified Communications Manager 8.0\\(3a\\)su3
Cisco Unified Communications Manager 8.0\\(2b\\)
Cisco Unified Communications Manager 8.0\\(2a\\)
Cisco Unified Communications Manager 7.1\\(5b\\)su2
Cisco Unified Communications Manager 7.1\\(5b\\)su1a
Cisco Unified Communications Manager 7.1\\(3b\\)su2
Cisco Unified Communications Manager 7.1\\(3b\\)su1
Cisco Unified Communications Manager 7.1\\(2b\\)
Cisco Unified Communications Manager 7.1\\(2a\\)su1
Cisco Unified Communications Manager 8.6\\(3\\)
Cisco Unified Communications Manager 8.6\\(2a\\)su3
Cisco Unified Communications Manager 8.5\\(1\\)su5
Cisco Unified Communications Manager 8.5\\(1\\)su4
Cisco Unified Communications Manager 8.0\\(3a\\)su2
Cisco Unified Communications Manager 8.0\\(3a\\)su1
Cisco Unified Communications Manager 8.0\\(2\\)
Cisco Unified Communications Manager 8.0\\(1\\)
3.6
CVSSv2
CVE-2021-27364
An issue exists in the Linux kernel up to and including 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Tekelec Platform Distribution
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
9 Github repositories
3.6
CVSSv2
CVE-2021-27363
An issue exists in the Linux kernel up to and including 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged us...
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
9 Github repositories
3.5
CVSSv2
CVE-2008-1484
The password reset feature in PunBB 1.2.16 and previous versions uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of th...
Punbb Punbb 1.0 Alpha
Punbb Punbb 1.0 Beta1
Punbb Punbb 1.1.3
Punbb Punbb 1.1.4
Punbb Punbb 1.0 Beta2
Punbb Punbb 1.0 Beta3
Punbb Punbb 1.0 Rc1
Punbb Punbb 1.1.5
Punbb Punbb 1.0
Punbb Punbb 1.0.1
Punbb Punbb 1.1.1
Punbb Punbb 1.1.2
Punbb Punbb 1.2.11
Punbb Punbb 1.2.12
Punbb Punbb 1.2.4
Punbb Punbb 1.2.5
Punbb Punbb 1.2
Punbb Punbb 1.2.15
Punbb Punbb 1.2.16
Punbb Punbb 1.2.8
Punbb Punbb 1.2.9
Punbb Punbb 1.2.13
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »