Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leak vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-228972023
SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.
NA
CVE-2013-4302
(1) ApiBlock.php, (2) ApiCreateAccount.php, (3) ApiLogin.php, (4) ApiMain.php, (5) ApiQueryDeletedrevs.php, (6) ApiTokens.php, and (7) ApiUnblock.php in includes/api/ in MediaWiki 1.19.x prior to 1.19.8, 1.20.x prior to 1.20.7, and 1.21.x prior to 1.21.2 allow remote malicious us...
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.7
NA
CVE-2014-2122
Memory leak in the GUI in the Impact server in Cisco Hosted Collaboration Solution (HCS) allows remote malicious users to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCub58999.
Cisco Hosted Collaboration Solution -
NA
CVE-2002-0339
Cisco IOS 11.1CC up to and including 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
Cisco Ios 12.1e
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.2t
Cisco Ios 11.1cc
Cisco Ios 12.0
Cisco Ios 12.0st
Cisco Ios 12.1
Cisco Ios 12.0s
Cisco Ios 12.0t
NA
CVE-2002-0949
Telindus 1100 series ADSL router allows remote malicious users to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.
Telindus Adsl Router 1120
Telindus Adsl Router 1110
1 EDB exploit
7.5
CVSSv3
CVE-2016-7189
The Chakra JavaScript engine in Microsoft Edge allows remote malicious users to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."
Microsoft Edge -
1 EDB exploit
7.5
CVSSv3
CVE-2016-7194
The Chakra JavaScript engine in Microsoft Edge allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-201...
Microsoft Edge
1 EDB exploit
7.5
CVSSv3
CVE-2023-22620
An issue exists in SecurePoint UTM prior to 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrat...
Securepoint Unified Threat Management
1 Github repository
NA
CVE-2023-226202
SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.
NA
CVE-2023-226202023
SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »