Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inject vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-15979
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For m...
Cisco Data Center Network Manager
1 Article
4.9
CVSSv3
CVE-2019-15983
A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges...
Cisco Data Center Network Manager
1 Article
6.3
CVSSv3
CVE-2019-15999
A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to a...
Cisco Data Center Network Manager
1 Article
9.8
CVSSv3
CVE-2019-15975
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
9.8
CVSSv3
CVE-2019-15976
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
7.5
CVSSv3
CVE-2019-15977
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more inform...
Cisco Data Center Network Manager
1 Article
7.2
CVSSv3
CVE-2019-15984
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administra...
Cisco Data Center Network Manager
1 Article
NA
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
8.1
CVSSv3
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.1.8
Apache Struts 2.1.8.1
Apache Struts 2.3.1.2
Apache Struts 2.3.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.3
Apache Struts 2.3.28
Apache Struts 2.3.28.1
Apache Struts 2.5.3
Apache Struts 2.5.4
Apache Struts 2.5.10.1
Apache Struts 2.5.11
Apache Struts 2.1.2
Apache Struts 2.2.1
Apache Struts 2.2.1.1
Apache Struts 2.3.4
Apache Struts 2.3.4.1
Apache Struts 2.3.15
Apache Struts 2.3.15.1
Apache Struts 2.3.20
1 EDB exploit
20 Github repositories
3 Articles
NA
CVE-2011-1575
The STARTTLS implementation in ftp_parser.c in Pure-FTPd prior to 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place,...
Pureftpd Pure-ftpd 1.0.16a
Pureftpd Pure-ftpd 1.0.14
Pureftpd Pure-ftpd 1.0.15
Pureftpd Pure-ftpd 1.0.20
Pureftpd Pure-ftpd 1.0.21
Pureftpd Pure-ftpd 1.0.10
Pureftpd Pure-ftpd 1.0.9
Pureftpd Pure-ftpd 1.0.2
Pureftpd Pure-ftpd 1.0.1
Pureftpd Pure-ftpd 0.99.1a
Pureftpd Pure-ftpd 0.99.1
Pureftpd Pure-ftpd 0.98.6
Pureftpd Pure-ftpd 0.98.5
Pureftpd Pure-ftpd 0.98pre2
Pureftpd Pure-ftpd 0.98pre1
Pureftpd Pure-ftpd 0.97.3
Pureftpd Pure-ftpd 0.97.2
Pureftpd Pure-ftpd 0.97pre1
Pureftpd Pure-ftpd 0.96.1
Pureftpd Pure-ftpd 0.95-pre3
Pureftpd Pure-ftpd 0.95-pre2
Pureftpd Pure-ftpd 0.95-pre1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »