Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-6553
Buffer Overflow in Quest One Identity Privilege Manager for Unix prior to 6.0.0.061 allows remote malicious users to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.
Quest Privilege Manager For Unix
1 EDB exploit
5.4
CVSSv3
CVE-2018-12903
In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Gr...
Cyberark Endpoint Privilege Manager 10.2.1.603
7.8
CVSSv3
CVE-2020-28369
In BeyondTrust Privilege Management for Windows (aka PMfW) up to and including 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2020-4609
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...
Ibm Security Verify Privilege Manager
7.8
CVSSv3
CVE-2020-4610
IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919.
Ibm Security Verify Privilege Manager
5.5
CVSSv3
CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows malicious users to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
Cyberark Endpoint Privilege Manager 11.1.0.173
6.7
CVSSv3
CVE-2023-49944
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) prior to 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Age...
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Beyondtrust Privilege Management For Windows
9.8
CVSSv3
CVE-2018-15439
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote malicious user to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a pr...
Cisco Sg200-50 Firmware -
Cisco Sg200-50p Firmware -
Cisco Sg200-50fp Firmware -
Cisco Sg200-26 Firmware -
Cisco Sg200-26p Firmware -
Cisco Sg200-26fp Firmware -
Cisco Sg200-18 Firmware -
Cisco Sg200-10fp Firmware -
Cisco Sg200-08 Firmware -
Cisco Sg200-08p Firmware -
Cisco Sf200-24 Firmware -
Cisco Sf200-24p Firmware -
Cisco Sf200-24fp Firmware -
Cisco Sf200-48 Firmware -
Cisco Sf200-48p Firmware -
Cisco Sf302-08pp Firmware -
Cisco Sf302-08mpp Firmware -
Cisco Sg300-10pp Firmware -
Cisco Sg300-10mpp Firmware -
Cisco Sf300-24pp Firmware -
Cisco Sf300-48pp Firmware -
Cisco Sg300-28pp Firmware -
NA
CVE-2014-2129
The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 prior to 8.2(5.48), 8.4 prior to 8.4(6.5), 9.0 prior to 9.0(3.1), and 9.1 prior to 9.1(2.5) allows remote malicious users to cause a denial of service (memory consumption or device reload) via craft...
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.4
Cisco Adaptive Security Appliance Software 9.0
Cisco Adaptive Security Appliance Software 9.1
2 Nmap scripts
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »