Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
full full - customer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-39275
Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose th...
Saleor Saleor
7.5
CVSSv3
CVE-2018-14608
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique direct...
Thomsonreuters Ultratax Cs 2017
10
CVSSv3
CVE-2018-0101
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote malicious user to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an a...
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 6.0.0
Cisco Firepower Threat Defense 6.0.1
Cisco Firepower Threat Defense 6.2.0
Cisco Firepower Threat Defense 6.1.0
Cisco Firepower Threat Defense 6.2.2
Cisco Firepower Threat Defense 6.2.1
1 EDB exploit
6 Github repositories
9.8
CVSSv3
CVE-2017-3221
Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote malicious users to access user credentials, including user names and passwords.
Inmarsat Amosconnect 8 8.4.0.1
Inmarsat Amosconnect 8 8.2.1
Inmarsat Amosconnect 8 8.3.0
Inmarsat Amosconnect 8 8.0.1
Inmarsat Amosconnect 8 8.0
Inmarsat Amosconnect 8 8.2.2
Inmarsat Amosconnect 8 8.4.0
Inmarsat Amosconnect 8 8.3.1
Inmarsat Amosconnect 8 8.2.0
Inmarsat Amosconnect 8 8.0.2
6.5
CVSSv3
CVE-2016-5653
Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.
Misys Fusioncapital Opics Plus -
7.5
CVSSv3
CVE-2016-5654
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.
Misys Fusioncapital Opics Plus -
5.9
CVSSv3
CVE-2016-5655
Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to obtain sensitive information via a crafted certificate.
Misys Fusioncapital Opics Plus -
9.8
CVSSv3
CVE-2016-5048
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary SQL commands via the user name field.
Readydesk Readydesk 9.1
7.5
CVSSv3
CVE-2016-5049
Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter.
Readydesk Readydesk 9.1
9.8
CVSSv3
CVE-2016-5050
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary code by uploading and requesting a .aspx file.
Readydesk Readydesk 9.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »