Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
on-premise vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-44875
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. This issue occurs during the pa...
Dalmark Systeam Enterprise Resource Planning 2.22.8
7.5
CVSSv3
CVE-2020-1018
An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information t...
Microsoft Dynamics 365 Business Central -
Microsoft Dynamics 365 Business Central 2019
Microsoft Dynamics Nav 2015
Microsoft Dynamics Nav 2016
Microsoft Dynamics Nav 2017
Microsoft Dynamics Nav 2018
1 Article
8.8
CVSSv3
CVE-2021-44874
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. Th...
Dalmark Systeam Enterprise Resource Planning 2.22.8
NA
CVE-2024-4844
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise before 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption...
8.8
CVSSv3
CVE-2019-1229
An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation. To exploit this vulnerabilit...
Microsoft Dynamics 365 9.0
1 Article
3.3
CVSSv3
CVE-2022-21388
Vulnerability in the Oracle Communications Pricing Design Center product of Oracle Communications Applications (component: On Premise Install). Supported versions that are affected are 12.0.0.3.0 and 12.0.0.4.0. Easily exploitable vulnerability allows low privileged attacker with...
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.4.0
7.5
CVSSv3
CVE-2020-28856
OpenAsset Digital Asset Management (DAM) up to and including 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing malicious users to spoof it using X-Forwarded-For in the header, by supplying localhost address such as 127.0.0.1, effectivel...
Openasset Digital Asset Management
6.5
CVSSv3
CVE-2023-22737
wire-server provides back end services for Wire, a team communication and collaboration platform. Prior to version 2022-12-09, every member of a Conversation can remove a Bot from a Conversation due to a missing permissions check. Only Conversation admins should be able to remove...
Wire Wire
2.3
CVSSv3
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions prior to 2022-01-27-production.0 ephemeral messages and assets might ...
Wire Wire-webapp 2016-07-29-17-00
Wire Wire-webapp 2016-08-04-15-44
Wire Wire-webapp 2016-08-23-09-31
Wire Wire-webapp 2016-08-24-10-10
Wire Wire-webapp 2016-08-29-14-54
Wire Wire-webapp 2016-09-08-15-38
Wire Wire-webapp 2016-09-19-14-01
Wire Wire-webapp 2016-09-28-14-58
Wire Wire-webapp 2016-10-11-15-34
Wire Wire-webapp 2016-10-18-08-10
Wire Wire-webapp 2016-10-25-08-17
Wire Wire-webapp 2016-10-26-18-58
Wire Wire-webapp 2016-11-03-16-09
Wire Wire-webapp 2016-11-08-15-06
Wire Wire-webapp 2016-12-01-12-57
Wire Wire-webapp 2016-12-13-15-12
Wire Wire-webapp 2017-01-23-12-12
Wire Wire-webapp 2017-02-01-14-49
Wire Wire-webapp 2017-02-17-10-10
Wire Wire-webapp 2017-02-24-13-06
Wire Wire-webapp 2017-03-08-17-32
Wire Wire-webapp 2017-03-14-15-05
7.5
CVSSv3
CVE-2021-41119
Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a...
Wire Wire-server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »