Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
billing system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-1063
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote malicious users to bypass the intended security policy.
Sun Solaris 2.6
Sun Sunos -
Sun Sunos 5.7
Sun Solaris 7.0
7.2
CVSSv2
CVE-2002-0084
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
Sun Solaris 8.0
Sun Solaris 2.6
Sun Sunos 5.7
NA
CVE-2023-36815
Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account `sealos[.] io/v1/Payment`, resulting in the ability...
Sealos Sealos
10
CVSSv2
CVE-2002-0033
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote malicious users to execute arbitrary code via a request with a long directory and cache name.
Sun Solaris 8.0
Sun Solaris 7.0
Sun Solaris 2.5.1
Sun Solaris 2.6
Sun Sunos -
1 EDB exploit
NA
CVE-2022-2429
The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted ...
Ultimatesmsnotifications Ultimate Sms Notifications For Woocommerce
6.4
CVSSv2
CVE-2011-0348
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD prior to 12.4(24)MD3, 12.4(22)MDA prior to 12.4(22)MDA5, and 12.4(24)MDA prior to 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote malicious users to bypass intended access restr...
Cisco Ios 12.4\\(24\\)md
Cisco Ios 12.4\\(24\\)md1
Cisco Ios 12.4\\(24\\)mda
Cisco Ios 12.4\\(22\\)mda
Cisco Ios 12.4\\(15\\)md
Cisco Ios 12.4\\(22\\)md
Cisco Ios 12.4\\(11\\)md
5
CVSSv2
CVE-2021-35515
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Apache Commons Compress
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Oracle Flexcube Universal Banking 12.4.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Banking Digital Experience 19.1
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Banking Digital Experience 20.1
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.0.2
Oracle Financial Services Enterprise Case Management 8.0.8.1.0
Oracle Financial Services Enterprise Case Management 8.0.7.2.0
5
CVSSv2
CVE-2021-35516
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz pa...
Apache Commons Compress
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Oracle Flexcube Universal Banking 12.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Banking Digital Experience 19.1
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Insurance Policy Administration 11.3.0
7.8
CVSSv2
CVE-2009-2051
Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.1, Cisco IOS XE 2.5.x and 2.6.x prior to 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x prior to 5.1(3g), 6.x prior to 6.1(4), and 7.x prior to 7.1(2) allow remote m...
Cisco Unified Communications Manager
Cisco Ios
Cisco Ios Xe
5.8
CVSSv2
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2
Apache Commons Io 2.3
Apache Commons Io 2.4
Apache Commons Io 2.5
Apache Commons Io 2.6
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
Oracle Flexcube Core Banking 5.2.0
Oracle Solaris Cluster 4.0
Oracle Access Manager 11.1.2.3.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »