Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
policy automation vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
4
CVSSv2
CVE-2013-3816
Unspecified vulnerability in the Oracle Policy Automation component in Oracle Industry Applications 10.2.0, 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Determinations Engine.
Oracle Industry Applications 10.2.0
Oracle Industry Applications 10.3.0
Oracle Industry Applications 10.3.1
Oracle Industry Applications 10.4.0
Oracle Industry Applications 10.4.1
Oracle Industry Applications 10.4.2
3.5
CVSSv2
CVE-2015-7851
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP prior to 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite ...
Ntp Ntp
Ntp Ntp 4.2.8
2.6
CVSSv2
CVE-2021-21295
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request ...
Netty Netty
Netapp Oncommand Workflow Automation -
Netapp Oncommand Api Services -
Debian Debian Linux 10.0
Quarkus Quarkus
Apache Kudu
Apache Zookeeper 3.5.9
Oracle Communications Cloud Native Core Policy 1.14.0
1 Github repository
2.6
CVSSv2
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x prior to 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Libpng Libpng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Java Se 8u212
Oracle Java Se 7u221
Oracle Mysql
Oracle Hyperion Infrastructure Technology 11.2.6.0
Hpe Xp7 Command View Advanced Edition Suite
Hp Xp7 Command View
Mozilla Thunderbird -
Mozilla Firefox Esr -
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Package Hub -
Netapp Cloud Backup -
2.6
CVSSv2
CVE-2015-1787
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 prior to 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote malicious users to cause a denial of service (daemon crash) via a ClientKeyExchange message w...
Openssl Openssl 1.0.2
2.1
CVSSv2
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
Ntp Ntp 4.3.78
NA
CVE-2023-38122
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is ...
NA
CVE-2023-46281
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Por...
Siemens Totally Integrated Automation Portal 18
Siemens Simatic Pcs Neo
Siemens Totally Integrated Automation Portal
Siemens Totally Integrated Automation Portal -
Siemens Opcenter Quality -
Siemens Sinumerik Integrate Runmyhmi \\/automotive -
NA
CVE-2023-46747
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. Note: Software versions which have reached End of Techni...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Ssl Orchestrator
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Automation Toolchain
F5 Big-ip Container Ingress Services
F5 Big-ip Application Security Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Fraud Protection Services
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
1 Metasploit module
12 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »