Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-6700
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote malicious user to conduct a Document Object Model (DOM) based (environment or client-side) cross-site sc...
Cisco Prime Infrastructure 3.1\\(1\\)
Cisco Prime Infrastructure 2.0\\(4.0.45b\\)
NA
CVE-2010-0296
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and previous versions, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corrup...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
NA
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
9.8
CVSSv3
CVE-2020-16204
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an malicious user to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
9
CVSSv3
CVE-2020-16206
The affected product is vulnerable to stored cross-site scripting, which may allow an malicious user to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
6.1
CVSSv3
CVE-2019-6504
Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow malicious users to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.
Broadcom Automic Workload Automation
NA
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
8.8
CVSSv3
CVE-2020-16208
The affected product is vulnerable to cross-site request forgery, which may allow an malicious user to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
9
CVSSv3
CVE-2020-16210
The affected product is vulnerable to reflected cross-site scripting, which may allow an malicious user to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
NA
CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote malicious users to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Info-zip Unzip 6.10b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »