Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connect vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39340
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 9.1
Ivanti Connect Secure 22.6
312
VMScore
CVE-2018-1382
IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138079.
Ibm Api Connect 5.0.7.2
Ibm Api Connect 5.0.8.1
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.8.0
Ibm Api Connect 5.0.7.1
Ibm Api Connect
578
VMScore
CVE-2016-8494
Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.
Fortinet Connect 15.10
Fortinet Connect 16.7
Fortinet Connect 14.2
Fortinet Connect 14.10
578
VMScore
CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
Ivanti Connect Secure 7.1
Ivanti Connect Secure 7.4
NA
CVE-2023-41720
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the malicious user ...
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.6
356
VMScore
CVE-2017-1785
IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859.
Ibm Api Connect 5.0.7.1
Ibm Api Connect 5.0.8.0
Ibm Api Connect 5.0.8.1
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.7.2
365
VMScore
CVE-2013-4035
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote malicious users to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL...
Ibm Sterling Connect 3.5.0.0
Ibm Sterling Connect 3.6.0.1
Ibm Sterling Connect 3.4.0.0
Ibm Sterling Connect 3.4.0.1
Ibm Sterling Connect 3.6.0
605
VMScore
CVE-2013-6029
Stack-based buffer overflow in the AT&T Connect Participant Application prior to 9.5.51 on Windows allows remote malicious users to execute arbitrary code via a malformed .SVT file.
Att Connect Participant Application 9.0.82
Att Connect Participant Application 8.5.71
Att Connect Participant Application 9.3.14
Att Connect Participant Application 9.3.0
Att Connect Participant Application 9.2.0
Att Connect Participant Application 9.0.0
Att Connect Participant Application 8.9.35
Att Connect Participant Application
383
VMScore
CVE-2016-4789
Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 prior to 8.2r1, 8.1 prior to 8.1r2, 8.0 prior to 8.0r9, and 7.4 prior to 7.4r13.4 allows remote malicious users to inject arbitrary ...
Pulsesecure Pulse Connect Secure 8.1r1.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.0
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 8.2
570
VMScore
CVE-2016-4787
Pulse Connect Secure (PCS) 8.2 prior to 8.2r1, 8.1 prior to 8.1r2, 8.0 prior to 8.0r10, and 7.4 prior to 7.4r13.4 allow remote malicious users to read sensitive system authentication files in an unspecified directory via unknown vectors.
Ivanti Connect Secure 8.0
Ivanti Connect Secure 8.2
Pulsesecure Pulse Connect Secure 7.4
Pulsesecure Pulse Connect Secure 8.1r1.0
Ivanti Connect Secure 8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »