Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
protection engine vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-1223
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could ...
Cisco Firepower Management Center 2.9.14.0
Cisco Firepower Management Center 2.9.15
Cisco Firepower Management Center 2.9.16
Cisco Firepower Threat Defense
Cisco Ios Xe
Snort Snort
446
VMScore
CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
Netty Netty
Quarkus Quarkus
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Webcenter Portal 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Coherence 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Coherence 14.1.1.0.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
510
VMScore
CVE-2010-1870
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 up to and including 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote malicious users to modify server-side context objects an...
Apache Struts 2.0.8
Apache Struts 2.0.9
Apache Struts 2.0.3
Apache Struts 2.0.11.2
Apache Struts 2.0.11.1
Apache Struts 2.0.10
Apache Struts 2.0.5
Apache Struts 2.0.2
Apache Struts 2.1.5
Apache Struts 2.1.4
Apache Struts 2.0.1
Apache Struts 2.1.3
Apache Struts 2.1.2
Apache Struts 2.0.7
Apache Struts 2.0.11
Apache Struts 2.0.14
Apache Struts 2.0.13
Apache Struts 2.1.1
Apache Struts 2.1.0
Apache Struts 2.0.0
Apache Struts 2.0.6
Apache Struts 2.0.4
2 EDB exploits
1 Article
383
VMScore
CVE-2009-3588
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other...
Ca Internet Security Suite Plus 2009
Ca Gateway Security R8.1
Ca Common Services 3.1
Ca Etrust Secure Content Manager 8.0
Ca Etrust Anti-virus Sdk
Ca Anti-virus For The Enterprise R8.1
Ca Arcserve For Windows Server Component
Ca Etrust Intrusion Detection 2.0
Ca Threat Manager 8.1
Ca Protection Suites R3
Ca Etrust Ez Antivirus R7.1
Ca Internet Security Suite 2008
Ca Anti-virus 2009
Ca Etrust Intrusion Detection 3.0
Ca Anti-virus Plus 2009
Ca Protection Suites R3.1
Ca Anti-virus Gateway 7.1
Ca Threat Manager R8
Ca Etrust Anti-virus Gateway 7.1
Ca Arcserve For Windows Client Agent
Ca Threat Manager Total Defense
Ca Internet Security Suite Plus 2008
828
VMScore
CVE-2009-3587
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other...
Ca Internet Security Suite Plus 2009
Ca Gateway Security R8.1
Ca Common Services 3.1
Ca Etrust Secure Content Manager 8.0
Ca Etrust Anti-virus Sdk
Ca Anti-virus For The Enterprise R8.1
Ca Arcserve For Windows Server Component
Ca Etrust Intrusion Detection 2.0
Ca Threat Manager 8.1
Ca Protection Suites R3
Ca Etrust Ez Antivirus R7.1
Ca Internet Security Suite 2008
Ca Anti-virus 2009
Ca Etrust Intrusion Detection 3.0
Ca Anti-virus Plus 2009
Ca Protection Suites R3.1
Ca Anti-virus Gateway 7.1
Ca Threat Manager R8
Ca Etrust Anti-virus Gateway 7.1
Ca Arcserve For Windows Client Agent
Ca Arcserve Backup R11.5
Ca Threat Manager Total Defense
445
VMScore
CVE-2019-12295
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
Wireshark Wireshark
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Local Traffic Manager 15.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Policy Enforcement Manager 15.1.0
385
VMScore
CVE-2019-8331
In Bootstrap prior to 3.4.1 and 4.3.x prior to 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Getbootstrap Bootstrap
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Security Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Edge Gateway
Redhat Virtualization Manager 4.3
Tenable Tenable.sc
7 Github repositories
445
VMScore
CVE-2019-1704
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Threat Defense
294
VMScore
CVE-2019-1696
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Management Center 2.9.11
Cisco Firepower Management Center 2.9.12
Cisco Firepower Management Center 2.9.13
Cisco Firepower Management Center 2.9.9
Cisco Firepower Management Center 2.9.10
Cisco Firepower Management Center 2.9.8
Cisco Firepower Threat Defense
383
VMScore
CVE-2012-1443
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft ...
Ikarus Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0
Emsisoft Anti-malware 5.1.0.1
Trendmicro Housecall 9.120.0.1004
Kaspersky Kaspersky Anti-virus 7.0.0.125
Mcafee Scan Engine 5.400.0.1158
Pandasecurity Panda Antivirus 10.0.2.7
Mcafee Gateway 2010.1c
Ahnlab V3 Internet Security 2011.01.18.00
Avg Avg Anti-virus 10.0.0.1190
Cat Quick Heal 11.00
Gdata-software G Data Antivirus 21
Virusbuster Virusbuster 13.6.151.0
Fortinet Fortinet Antivirus 4.2.254.0
Sophos Sophos Anti-virus 4.61.0
Eset Nod32 Antivirus 5795
Bitdefender Bitdefender 7.2
Aladdin Esafe 7.0.17.0
Anti-virus Vba32 3.12.14.2
Symantec Endpoint Protection 11.0
Authentium Command Antivirus 5.2.11.5
Antiy Avl Sdk 2.0.3.7
K7computing Antivirus 9.77.3565
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »