Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication agent for web vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-1999-0787
The SSH authentication agent follows symlinks via a UNIX domain socket.
Ssh Ssh 1.2.27
1 EDB exploit
7.2
CVSSv2
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix\\/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
142 Github repositories
1 Article
10
CVSSv2
CVE-2013-6026
The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote malicious users to bypass authentication and modify settings via an xmlset_r...
Dlink Di-604s -
Dlink Tm-g5240 -
Dlink Di-524up -
Dlink Di-604up -
Dlink Di-624s -
Dlink Di-604\\+ -
Dlink Dir-120 -
Dlink Dir-100 -
Alphanetworks Vdsl Asl-55052 -
Alphanetworks Vdsl Asl-56552 -
Planex Brl-04r -
Planex Brl-04cw -
Planex Brl-04ur -
2 Github repositories
8.5
CVSSv2
CVE-2013-6027
Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long set/runtime/diagnostic/pingIp parameter to Tools/tools_misc.xgi.
Dlink Dir-100 -
1 EDB exploit
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
5
CVSSv2
CVE-2018-0296
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software ...
Cisco Adaptive Security Appliance Software 8.1\\(2.5\\)
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 6.2.3
Cisco Firepower Threat Defense
Cisco Firepower Threat Defense 6.2.3.1
Cisco Firepower Threat Defense 6.2.3-851
Cisco Firepower Threat Defense 6.2.3-85.02
2 EDB exploits
11 Github repositories
1 Article
4.3
CVSSv2
CVE-2013-0942
Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 prior to 7.1.1 for Web for Internet Information Services, and 7.1 prior to 7.1.1 for Web for Apache, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Emc Rsa Authentication Agent 7.1
6.8
CVSSv2
CVE-2010-2594
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and previous versions on Solaris, Snare Agent 3.1.7 and previous versions on Windows, Snare Agent 1.5.0 and previous versions on Linux and AIX, Snare...
Intersect Alliance Snare Agent
Intersect Alliance Snare Agent 3.0.0
Intersect Alliance Snare Agent 2.5.6
Intersect Alliance Snare Agent 2.1
Intersect Alliance Snare Agent 2.5.3
Intersect Alliance Snare Agent 2.5.2
Intersect Alliance Snare Agent 2.5
Intersect Alliance Snare Agent 2.4
Intersect Alliance Snare Agent 3.2.2
Intersect Alliance Snare Agent 3.2.1
Intersect Alliance Snare Agent 3.2.0
Intersect Alliance Snare Agent 3.1.0
Intersect Alliance Snare Agent 2.5.7
Intersect Alliance Snare Agent 2.5.4
Intersect Alliance Snare Agent 2.3
Intersect Alliance Snare Agent 2.0
Intersect Alliance Snare Agent 3.1.4
Intersect Alliance Snare Agent 3.1.2
Intersect Alliance Snare Agent 3.1.6
Intersect Alliance Snare Agent 3.1.5
Intersect Alliance Snare Agent 3.1.3
Intersect Alliance Snare Agent 1.1
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
4.4
CVSSv2
CVE-2019-12418
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack...
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand System Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »