Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rapid7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4959
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Novell File Reporter 1.0.2
2 EDB exploits
NA
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
NA
CVE-2013-3631
NAS4Free 9.1.0.1.804 and previous versions allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not be a vulnerability, since it appears to be part of legitimate, ...
Nas4free Nas4free 9.1.0.1.798
Nas4free Nas4free
1 EDB exploit
9.8
CVSSv3
CVE-2016-5686
Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote malicious users to bypass authentication via a custom communication protocol.
Animas Onetouch Ping Firmware -
9.8
CVSSv3
CVE-2016-5086
Johnson & Johnson Animas OneTouch Ping devices allow remote malicious users to bypass authentication via replay attacks.
Animas Onetouch Ping Firmware -
7.5
CVSSv3
CVE-2016-5084
Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote malicious users to obtain sensitive information by sniffing the network.
Animas Onetouch Ping Firmware -
7.5
CVSSv3
CVE-2016-5085
Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote malicious users to spoof meters by sniffing the network and then engaging in an authentication handshake.
Animas Onetouch Ping Firmware -
6.9
CVSSv3
CVE-2015-6005
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow M...
Ipswitch Whatsup Gold
NA
CVE-2002-1359
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.2s
Cisco Ios 12.2t
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1t
Cisco Ios 12.2
Putty Putty 0.53
Winscp Winscp 2.0.0
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Putty Putty 0.48
Putty Putty 0.49
2 EDB exploits
NA
CVE-2002-1358
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.2s
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.2t
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Putty Putty 0.48
Putty Putty 0.49
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Putty Putty 0.53
Winscp Winscp 2.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »