Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud portal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-22855
The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.
Hr Portal Project Hr Portal 7.3.2020.1013
5.5
CVSSv2
CVE-2021-22853
The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work.
Hr Portal Project Hr Portal 7.3.2020.1013
4.3
CVSSv2
CVE-2016-5648
Acer Portal app prior to 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote malicious users to perform a Man-in-the-middle attack via a crafted SSL certificate.
Acer Acer Portal
NA
CVE-2023-34357
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the brows...
Scshr Hr Portal 7.3.2023.0705
Scshr Hr Portal 7.3.2023.0510
6.8
CVSSv2
CVE-2013-3406
The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.
Cisco Service Portal 9.4.1
NA
CVE-2023-33754
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing malicious users to brute force valid user accounts to gain access to login credentials.
Inpiazza Cloud Wifi
5
CVSSv2
CVE-2020-11612
The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
Netty Netty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Oncommand Api Services -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Nosql Database
Oracle Communications Messaging Server 8.1
Oracle Communications Design Studio 7.4.2
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2
Oracle Siebel Core - Server Framework
NA
CVE-2023-26292
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybri...
Forcepoint Cloud Security Gateway
Forcepoint Web Security
NA
CVE-2023-26290
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_reset_request.mhtml modules), Forcepoint Web Security Portal o...
Forcepoint Cloud Security Gateway
Forcepoint Web Security
NA
CVE-2023-26291
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_form.mhtml modules), Forcepoint Web Security Portal on Hybrid ...
Forcepoint Cloud Security Gateway
Forcepoint Web Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »