Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2018-3115
Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights). Supported versions that are affected are 15.0 and 16.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Retail Sales Audit 16.0
Oracle Retail Sales Audit 15.0
NA
CVE-2009-3029
Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers craft...
Symantec Securityexpressions Audit And Compliance Server
Symantec Securityexpressions Audit And Compliance Server 4.1
NA
CVE-2009-3030
Cross-site scripting (XSS) vulnerability in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote malicious users to inject arbitrary web script or HTML via vectors that trigger an error message in a response, related to an "...
Symantec Securityexpressions Audit And Compliance Server 4.1
Symantec Securityexpressions Audit And Compliance Server
NA
CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit prior to 1.7 might allow remote malicious users to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Linux Audit
5.3
CVSSv3
CVE-2020-2287
Jenkins Audit Trail Plugin 3.6 and previous versions applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows malicious users to craft URLs that bypass request logging of any target URL.
Jenkins Audit Trail
5.3
CVSSv3
CVE-2020-2288
In Jenkins Audit Trail Plugin 3.6 and previous versions, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.
Jenkins Audit Trail
NA
CVE-2015-6828
The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and previous versions for WordPress does not use an HTTPS session for downloading serialized data, which allows man-in-the-middle malicious users to conduct PHP object injection attacks ...
Securemoz Security Audit
6.1
CVSSv3
CVE-2022-31889
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
Enhancesoft Audit Log
1 Github repository
9.8
CVSSv3
CVE-2022-31890
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
Enhancesoft Audit Log
1 Github repository
9.8
CVSSv3
CVE-2021-40612
An issue exists in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.
Opmantek Open-audit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »