Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
associated vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2019-4699
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 171931.
Ibm Guardium Data Encryption 3.0.0.2
Ibm Guardium For Cloud Key Management
9.8
CVSSv3
CVE-2021-42576
The bluemonday sanitizer prior to 1.0.16 for Go, and prior to 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
Microco Bluemonday
Python Pybluemonday
NA
CVE-2009-4671
Login.php in RoomPHPlanning 1.6 allows remote malicious users to bypass authentication and obtain administrative access by setting the room_phplanning cookie to a value associated with the admin account.
Beaussier Roomphplanning 1.6
1 EDB exploit
5.3
CVSSv3
CVE-2019-4570
IBM Tivoli Netcool Impact 7.1.0 up to and including 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720.
Ibm Tivoli Netcool\\/impact
7.5
CVSSv3
CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Nodejs Node.js
Suse Suse Linux Enterprise Server 12
Suse Suse Enterprise Storage 4
Suse Suse Openstack Cloud 7
Suse Suse Openstack Cloud 8
Suse Suse Linux Enterprise Server 15
1 Github repository
7.8
CVSSv3
CVE-2019-19705
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT prior to 6.0.8882.1 and 20KH and 20KG prior to 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.
Lenovo Ideacentre 510-15ikl Firmware
Lenovo Ideacentre 510s-08ikl Firmware
Lenovo Ideacentre 300s-11ish Firmware
Lenovo Ideacentre 310-15asr Firmware
Lenovo Ideacentre 310-15iap Firmware
Lenovo Ideacentre 310a-15iap Firmware
Lenovo Ideacentre 310s-08iap Firmware
Lenovo Ideacentre 510-15abr Firmware
Lenovo Ideacentre 510s-08ish Firmware
Lenovo Ideacentre 610s-02ish Firmware
Lenovo Ideacentre 620s-03ikl Firmware
Lenovo Ideacentre 700 Firmware
Lenovo Ideacentre 720-18asr Firmware
Lenovo Legion Y520t Z370 Firmware
Lenovo Legion Y720 Tower Firmware
Lenovo Legion Y720t Amd Firmware
Lenovo Legion Y920 Tower Firmware
Lenovo Lenovo V320-15iap Firmware
Lenovo Thinkcentre E74s Firmware
Lenovo Yangtian Mc H110 Firmware
Lenovo Yangtian Me\\/we H110 Firmware
Lenovo Yangtian Tc\\/wc H110 Pci Firmware
7.8
CVSSv3
CVE-2020-27225
In versions 4.18 and previous versions of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local malicious user to issue active help commands to the associated Eclipse Platform process or...
Eclipse Platform
4.3
CVSSv3
CVE-2017-1768
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 136471.
Ibm Security Guardium Big Data Intelligence 3.1
9.1
CVSSv3
CVE-2021-40102
An issue exists in Concrete CMS up to and including 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method).
Concretecms Concrete Cms
9.8
CVSSv3
CVE-2018-18705
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
Phptpoint Hospital Management System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »