Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security technologies vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-04403
Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully mak...
383
VMScore
CVE-2007-5266
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng prior to 1.0.29 beta1 and 1.2.x prior to 1.2.21 beta1 allows remote malicious users to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being...
Libpng Libpng
445
VMScore
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and previous versions uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Manageengine Servicedesk Plus
Manageengine Servicedesk Plus 8.0
NA
CVE-2011-15103
ManageEngine ServiceDesk Plus is a complete web based and ITIL ready service desk software with integrated asset management developed by ManageEngine, the Enterprise IT Management Software division of Zoho Corporation. The authentication process of ServiceDesk Plus obfuscates use...
NA
CVE-2011-15113
Core Security Technologies Advisory - The Administration Console of Oracle GlassFish Server, which is listening by default on port 4848/TCP, is prone to an authentication bypass vulnerability. This vulnerability can be exploited by remote attackers to access sensitive data on the...
NA
CVE-2011-15133
Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed wh...
445
VMScore
CVE-2011-1514
The inet service in HP OpenView Storage Data Protector 6.00 up to and including 6.20 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters.
Hp Openview Storage Data Protector 6.11
Hp Openview Storage Data Protector 6.00
Hp Openview Storage Data Protector 6.20
Hp Openview Storage Data Protector 6.10
445
VMScore
CVE-2011-1515
The inet service in HP OpenView Storage Data Protector 6.00 up to and including 6.20 allows remote malicious users to cause a denial of service (daemon exit) via a request containing crafted parameters.
Hp Openview Storage Data Protector 6.11
Hp Openview Storage Data Protector 6.00
Hp Openview Storage Data Protector 6.20
Hp Openview Storage Data Protector 6.10
NA
CVE-2011-18723
Core Security Technologies Advisory - A security vulnerability was found in the driver 'vmswitch.sys', associated to the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is s...
668
VMScore
CVE-2008-2080
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library prior to 3.2.1 allows context-dependent malicious users to execute arbitrary code via a .cdf file with crafted length tags.
Nasa Goddard Space Flight Center Common Data Format 2.0
Nasa Goddard Space Flight Center Common Data Format 2.6
Nasa Goddard Space Flight Center Common Data Format 2.3
Nasa Goddard Space Flight Center Common Data Format
Nasa Goddard Space Flight Center Common Data Format 2.1
Nasa Goddard Space Flight Center Common Data Format 2.5
Nasa Goddard Space Flight Center Common Data Format 3.0
Nasa Goddard Space Flight Center Common Data Format 2.4
Nasa Goddard Space Flight Center Common Data Format 2.2
Nasa Goddard Space Flight Center Common Data Format 3.1
Nasa Goddard Space Flight Center Common Data Format 2.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »