Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local users vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-1676
IBM Planning Analytics 2.0.0 up to and including 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted s...
Ibm Planning Analytics Local
312
VMScore
CVE-2020-4306
IBM Planning Analytics Local 2.0.0 up to and including 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tru...
Ibm Planning Analytics Local
NA
CVE-2023-28520
IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...
Ibm Planning Analytics Local 2.0.0
625
VMScore
CVE-2014-8727
Multiple directory traversal vulnerabilities in F5 BIG-IP prior to 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tm...
F5 Big-ip Local Traffic Manager
1 EDB exploit
436
VMScore
CVE-2013-3278
EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file.
Emc Vplex Geo -
Emc Vplex Metro -
Emc Vplex Local -
Emc Geosynchrony
215
VMScore
CVE-2005-0421
DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges.
Delphiturk Delphiturk Ftp 1.0
1 EDB exploit
392
VMScore
CVE-2012-1054
Puppet 2.6.x prior to 2.6.14 and 2.7.x prior to 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x prior to 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.
Puppet Puppet 2.6.0
Puppet Puppet 2.6.1
Puppet Puppet 2.6.2
Puppet Puppet 2.6.3
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.6.6
Puppet Puppet 2.6.7
Puppet Puppet 2.6.8
Puppet Puppet 2.6.9
Puppet Puppet 2.6.10
Puppet Puppet 2.6.11
Puppet Puppet 2.6.12
Puppet Puppet 2.6.13
Puppetlabs Puppet 2.7.0
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.7.2
Puppet Puppet 2.7.3
Puppet Puppet 2.7.4
Puppet Puppet 2.7.5
Puppet Puppet 2.7.6
Puppet Puppet 2.7.7
614
VMScore
CVE-2012-1053
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x prior to 2.6.14 and 2.7.x prior to 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x prior to 2.0.3 does not properly manage group privileges, which allows local users to gain...
Puppet Puppet 2.6.0
Puppet Puppet 2.6.1
Puppet Puppet 2.6.2
Puppet Puppet 2.6.3
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.6.6
Puppet Puppet 2.6.7
Puppet Puppet 2.6.8
Puppet Puppet 2.6.9
Puppet Puppet 2.6.10
Puppet Puppet 2.6.11
Puppet Puppet 2.6.12
Puppet Puppet 2.6.13
Puppetlabs Puppet 2.7.0
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.7.2
Puppet Puppet 2.7.3
Puppet Puppet 2.7.4
Puppet Puppet 2.7.5
Puppet Puppet 2.7.6
Puppet Puppet 2.7.7
445
VMScore
CVE-2018-0426
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote malicious user to gain access to sensitive informatio...
Cisco Rv110w Firmware
Cisco Rv130w Firmware
Cisco Rv215w Firmware
828
VMScore
CVE-2018-0423
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote malicious user to cause a denial of service condition...
Cisco Rv110w Firmware
Cisco Rv130w Firmware
Cisco Rv215w Firmware
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »