Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco nexus dashboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20053
A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is du...
Cisco Nexus Dashboard
NA
CVE-2022-20921
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote malicious user to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit th...
Cisco Aci Multi-site Orchestrator
NA
CVE-2023-20185
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote malicious user to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the imple...
Cisco Nx-os 14.0\\(1h\\)
Cisco Nx-os 14.0\\(2c\\)
Cisco Nx-os 14.0\\(3c\\)
Cisco Nx-os 14.0\\(3d\\)
Cisco Nx-os 14.1\\(1i\\)
Cisco Nx-os 14.1\\(1j\\)
Cisco Nx-os 14.1\\(1k\\)
Cisco Nx-os 14.1\\(1l\\)
Cisco Nx-os 14.1\\(2g\\)
Cisco Nx-os 14.1\\(2m\\)
Cisco Nx-os 14.1\\(2o\\)
Cisco Nx-os 14.1\\(2s\\)
Cisco Nx-os 14.1\\(2u\\)
Cisco Nx-os 14.1\\(2w\\)
Cisco Nx-os 14.1\\(2x\\)
Cisco Nx-os 14.2\\(1i\\)
Cisco Nx-os 14.2\\(1j\\)
Cisco Nx-os 14.2\\(1l\\)
Cisco Nx-os 14.2\\(2e\\)
Cisco Nx-os 14.2\\(2f\\)
Cisco Nx-os 14.2\\(2g\\)
Cisco Nx-os 14.2\\(3j\\)
1000
VMScore
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
670
VMScore
CVE-2017-5641
Previous versions of Apache Flex BlazeDS (4.7.2 and previous versions) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unkno...
Apache Flex Blazeds
Hp Xp Command View Advanced Edition
766
VMScore
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
513
VMScore
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
197 Github repositories
9 Articles
NA
CVE-2024-20283
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote malicious user to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerabili...
405
VMScore
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
74 Github repositories
5 Articles
445
VMScore
CVE-2015-3269
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x prior to 3.0.0.354170, 4.5 prior to 4.5.1.354169, 4.6.2 prior to 4.6.2.354169, and 4.7 prior to 4.7.0.354169 and other products, allows remote malicious users to read arbitrary f...
Hp Business Service Management
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
3 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »