Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml injection vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.
Yaws Yaws
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
890
VMScore
CVE-2019-15310
An issue exists on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firm...
Linkplay Linkplay -
890
VMScore
CVE-2013-2459
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
890
VMScore
CVE-2013-2469
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
890
VMScore
CVE-2013-2463
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
1 Article
890
VMScore
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
890
VMScore
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
1 Article
890
VMScore
CVE-2011-0372
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x allows remote malicious users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System 500 Series
890
VMScore
CVE-2011-0376
The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x, 1.6.0, and 1.6.1 allows remote malicious users to obtain sensitive information via a GET request, aka Bug ID CSCte43876.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System Software 1.6.0
Cisco Telepresence System Software 1.6.1
Cisco Telepresence System 500 Series
890
VMScore
CVE-2011-0382
The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x prior to 1.6.2 allows remote malicious users to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221.
Cisco Telepresence Recording Server Software 1.6.1
Cisco Telepresence Recording Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »