Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fuse vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-5055
OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.
Osram Lightify Pro
1 Article
7.5
CVSSv3
CVE-2023-22602
When using Apache Shiro prior to 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot <...
Apache Shiro
Vmware Spring Boot 2.6.0
7.5
CVSSv3
CVE-2016-5051
OSRAM SYLVANIA Osram Lightify Home prior to 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.
Osram Lightify Home
1 Article
7.5
CVSSv3
CVE-2016-5052
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
Osram Lightify Home
1 Article
7.5
CVSSv3
CVE-2016-5054
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
Osram Lightify Home
1 Article
7.5
CVSSv3
CVE-2016-5057
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
Osram Lightify Pro
1 Article
7.5
CVSSv3
CVE-2016-5058
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
Osram Lightify Pro
1 Article
7.5
CVSSv3
CVE-2020-13933
Apache Shiro prior to 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass.
Apache Shiro
Debian Debian Linux 9.0
3 Github repositories
7.5
CVSSv3
CVE-2019-5427
c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
Mchange C3p0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Communications Ip Service Activator 7.3.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Documaker
8.8
CVSSv3
CVE-2018-3258
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL C...
Oracle Connector\\/j
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »