Vulmon
enterprise developer vulnerabilities and exploits
409
VMScore
CVE-2021-28823
The Windows Installation component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of ...
Tibco Eftl
409
VMScore
CVE-2021-28824
The Windows Installation component of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local acc...
Tibco Activespaces
409
VMScore
CVE-2021-28820
The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a l...
Tibco Ftl
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
516
VMScore
CVE-2017-1398
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit ...
Ibm Websphere Commerce 8.0.1.7
Ibm Websphere Commerce 8.0.0.2
Ibm Websphere Commerce 8.0.0.5
Ibm Websphere Commerce 8.0.0.18
Ibm Websphere Commerce 8.0.1.6
Ibm Websphere Commerce 8.0.0.6
Ibm Websphere Commerce 8.0.1.0
Ibm Websphere Commerce 8.0.0.9
Ibm Websphere Commerce 8.0.0.14
Ibm Websphere Commerce 8.0.0.8
Ibm Websphere Commerce 8.0.0.11
Ibm Websphere Commerce 8.0.1.12
Ibm Websphere Commerce 8.0.0.1
Ibm Websphere Commerce 8.0.0.15
Ibm Websphere Commerce 8.0.0.4
Ibm Websphere Commerce 8.0.1.1
Ibm Websphere Commerce 8.0.0.17
Ibm Websphere Commerce 8.0.0.3
Ibm Websphere Commerce 8.0.1.5
Ibm Websphere Commerce 8.0.1.4
Ibm Websphere Commerce 8.0.0.12
Ibm Websphere Commerce 8.0.1.11
892
VMScore
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to an LDAP or RMI server, causing remote code execution. This can be exploited thr...
H2database H2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Communications Cloud Native Core Policy 1.15.0
8 Github repositories
405
VMScore
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
75 Github repositories
5 Articles
445
VMScore
CVE-2005-2378
Directory traversal vulnerability in Oracle Reports allows remote malicious users to read arbitrary files via an absolute or relative path to the (1) CUSTOMIZE or (2) desformat parameters to rwservlet. NOTE: vector 2 is probably the same as CVE-2006-0289, and fixed in Jan 2006 CP...
Oracle Reports
383
VMScore
CVE-2020-6480
Insufficient policy enforcement in enterprise in Google Chrome before 83.0.4103.61 allowed a local malicious user to bypass navigation restrictions via UI actions.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2005-2371
Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows remote malicious users to overwrite arbitrary files via (1) "..", (2) Windows drive letter (C:), and (3) absolute path sequences in the desname parameter. NOTE: this issue was probably fixed...
Oracle Reports 6.0
Oracle Reports 9i
Oracle Reports 10g
Oracle Reports 6i