Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storm vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-1332
Apache Storm version 1.0.6 and previous versions, 1.2.1 and previous versions, and version 1.1.2 and previous versions expose a vulnerability that could allow a user to impersonate another user when communicating with some Storm Daemons.
Apache Storm
294
VMScore
CVE-2018-0054
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following l...
Juniper Junos 14.1x53
Juniper Junos 15.1
Juniper Junos 15.1x53
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 17.1
Juniper Junos 17.2
Juniper Junos 17.2x75
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
187
VMScore
CVE-2010-2158
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x prior to 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) phone, or (3) im parameter in a stor...
Speedtech Storm 5.x-1.1
Speedtech Storm 5.x-1.2
Speedtech Storm 5.x-1.3
Speedtech Storm 5.x-1.4
Speedtech Storm 5.x-1.5
Speedtech Storm 5.x-1.6
Speedtech Storm 5.x-1.7
Speedtech Storm 5.x-1.8
Speedtech Storm 5.x-1.9
Speedtech Storm 5.x-1.10
Speedtech Storm 5.x-1.11
Speedtech Storm 5.x-1.12
Speedtech Storm 5.x-1.13
Speedtech Storm 5.x-1.14
Speedtech Storm 5.x-1.x
Speedtech Storm 6.x-1.0
Speedtech Storm 6.x-1.1
Speedtech Storm 6.x-1.2
Speedtech Storm 6.x-1.3
Speedtech Storm 6.x-1.4
Speedtech Storm 6.x-1.5
Speedtech Storm 6.x-1.6
187
VMScore
CVE-2010-2123
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x prior to 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) address, (3) city, (4) provstate (ak...
Speedtech Storm 5.x-1.1
Speedtech Storm 5.x-1.2
Speedtech Storm 5.x-1.3
Speedtech Storm 5.x-1.4
Speedtech Storm 5.x-1.5
Speedtech Storm 5.x-1.6
Speedtech Storm 5.x-1.7
Speedtech Storm 5.x-1.8
Speedtech Storm 5.x-1.9
Speedtech Storm 5.x-1.10
Speedtech Storm 5.x-1.11
Speedtech Storm 5.x-1.12
Speedtech Storm 5.x-1.13
Speedtech Storm 5.x-1.14
Speedtech Storm 5.x-1.x
Speedtech Storm 6.x-1.0
Speedtech Storm 6.x-1.1
Speedtech Storm 6.x-1.2
Speedtech Storm 6.x-1.3
Speedtech Storm 6.x-1.4
Speedtech Storm 6.x-1.5
Speedtech Storm 6.x-1.6
187
VMScore
CVE-2005-2487
Unknown vulnerability in Sun McData switches and directors 4300, 4500, 6064, and 6140 before E/OS 6.0.0 may allow malicious users to cause a denial of service (connectivity and array access loss) via a network broadcast storm.
Mcdata Sphereon 4300 Fabric Switch
Mcdata Intrepid 6140 Director Switch
Mcdata Sphereon 4500 Fabric Switch
Mcdata Intrepid 6064 Director Switch
NA
CVE-2024-26684
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 ("net: stmmac: Implement Safety Features in XGMAC core") checks and reports safety errors, but leaves the Data P...
NA
CVE-2023-51402
Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a up to and including 3.19.17.
Brainstormforce Ultimate Addons For Wpbakery Page Builder
NA
CVE-2023-43123
On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The ...
Apache Storm
NA
CVE-2023-44181
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control i...
Juniper Junos
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
NA
CVE-2023-25042
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <= 2.3.0 versions.
Stormconsultancy Oauth Twitter Feed For Developers
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »