Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weak vulnerabilities and exploits
(subscribe to this query)
365
VMScore
CVE-2001-0259
ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local malicious users to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.27
Ssh Ssh 1.2.30
1 EDB exploit
NA
CVE-2023-25356
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can...
Coredial Sipxcom
1 Github repository
NA
CVE-2023-25355
CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.
Coredial Sipxcom
1 Github repository
465
VMScore
CVE-2000-0625
NetZero 3.0 and previous versions uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.
Netzero Zeroport
1 EDB exploit
1000
VMScore
CVE-2000-0684
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote malicious users to compile and execute Java JSP code by directly invoking the servlet on any source file.
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5.1
Bea Weblogic Server 4.0.4
1 EDB exploit
755
VMScore
CVE-2000-0589
SawMill 5.0.21 uses weak encryption to store passwords, which allows malicious users to easily decrypt the password and modify the SawMill configuration.
Sawmill Sawmill 5.0.21
1 EDB exploit
641
VMScore
CVE-2014-3419
Infoblox NetMRI prior to 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.
Infoblox Netmri 6.0.2.42
Infoblox Netmri
Infoblox Netmri 6.2.1.48
Infoblox Netmri 6.2.1
Infoblox Netmri 6.1.2
Infoblox Netmri 6.8.2.11
NA
CVE-2010-02312
Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of...
465
VMScore
CVE-2004-2176
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.
Microsoft Windows Xp
1 EDB exploit
1000
VMScore
CVE-2000-0244
The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.
Citrix Metaframe 1.0
Citrix Metaframe
Citrix Winframe 3.5 1.8 For Windows Nt
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »