Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connect vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-39340
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance.
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 9.1
Ivanti Connect Secure 22.6
7.2
CVSSv3
CVE-2016-8494
Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.
Fortinet Connect 15.10
Fortinet Connect 16.7
Fortinet Connect 14.2
Fortinet Connect 14.10
5.4
CVSSv3
CVE-2018-1382
IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138079.
Ibm Api Connect 5.0.7.2
Ibm Api Connect 5.0.8.1
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.8.0
Ibm Api Connect 5.0.7.1
Ibm Api Connect
7.2
CVSSv3
CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
Ivanti Connect Secure 7.1
Ivanti Connect Secure 7.4
7.8
CVSSv3
CVE-2023-41720
A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the malicious user ...
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.6
7.3
CVSSv3
CVE-2013-4035
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote malicious users to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL...
Ibm Sterling Connect 3.5.0.0
Ibm Sterling Connect 3.6.0.1
Ibm Sterling Connect 3.4.0.0
Ibm Sterling Connect 3.4.0.1
Ibm Sterling Connect 3.6.0
4.3
CVSSv3
CVE-2017-1785
IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859.
Ibm Api Connect 5.0.7.1
Ibm Api Connect 5.0.8.0
Ibm Api Connect 5.0.8.1
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.7.2
NA
CVE-2013-6029
Stack-based buffer overflow in the AT&T Connect Participant Application prior to 9.5.51 on Windows allows remote malicious users to execute arbitrary code via a malformed .SVT file.
Att Connect Participant Application 9.0.82
Att Connect Participant Application 8.5.71
Att Connect Participant Application 9.3.14
Att Connect Participant Application 9.3.0
Att Connect Participant Application 9.2.0
Att Connect Participant Application 9.0.0
Att Connect Participant Application 8.9.35
Att Connect Participant Application
5.8
CVSSv3
CVE-2016-4788
Pulse Connect Secure (PCS) 8.2 prior to 8.2r1, 8.1 prior to 8.1r2, 8.0 prior to 8.0r10, and 7.4 prior to 7.4r13.4 allow remote malicious users to read an unspecified system file via unknown vectors.
Ivanti Connect Secure 8.2
Pulsesecure Pulse Connect Secure 8.1r1.0
Ivanti Connect Secure 8.1
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 8.0
8.6
CVSSv3
CVE-2016-4791
The administrative user interface in Pulse Connect Secure (PCS) 8.2 prior to 8.2r1, 8.1 prior to 8.1r2, 8.0 prior to 8.0r9, and 7.4 prior to 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via ...
Pulsesecure Pulse Connect Secure 8.1r1.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.0
Pulsesecure Pulse Connect Secure 7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »