Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
traffic server vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-10066
An issue exists in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the malicious user to gain access to the client's...
Mikrotik Routeros 6.41.4
8.1
CVSSv3
CVE-2017-0166
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Control...
Microsoft Windows 8.1
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Microsoft Windows Rt 8.1 -
Microsoft Windows 7 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1511
Microsoft Windows Server 2008
Microsoft Windows 10 1703
Microsoft Windows Vista -
Microsoft Windows 10 1607
8.1
CVSSv3
CVE-2016-3130
An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 up to and including 12.5.2 allows remote malicious users to obtain local or domain credentials of an administrator or user account by sniffing traffic between the t...
Blackberry Enterprise Service 12.5.0a
Blackberry Enterprise Service 12.4.1
Blackberry Enterprise Service 12.0.0
Blackberry Enterprise Service 12.5.2
Blackberry Enterprise Service 12.5.1
Blackberry Enterprise Service 12.1.0
Blackberry Enterprise Service 12.0.1
Blackberry Enterprise Service 12.2.1
Blackberry Enterprise Service 12.2.0
Blackberry Enterprise Service 12.4.0
Blackberry Enterprise Service 12.3.1
Blackberry Enterprise Service 12.3.0
8.1
CVSSv3
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
8.1
CVSSv3
CVE-2016-5388
Apache Tomcat 7.x up to and including 7.0.70 and 8.x up to and including 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Hpc Node Eus 7.2
Hp System Management Homepage
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Oracle Linux 6
Oracle Linux 7
Apache Tomcat
1 Article
8
CVSSv3
CVE-2019-0720
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a gues...
Microsoft Windows 10 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows 10 1607
Microsoft Windows 7 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 1803
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
2 Articles
7.8
CVSSv3
CVE-2023-4147
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
Linux Linux Kernel 6.5
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Real Time For Nfv 9.0
Redhat Enterprise Linux For Real Time 9.0
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-3090
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-35788
An issue exists in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel prior to 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
Linux Linux Kernel
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2023-2124
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp H300s Firmware -
Netapp H410c Firmware -
Netapp H410s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »