Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
prime infrastructure vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-20659
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface of an affe...
Cisco Prime Infrastructure
Cisco Evolved Programmable Network Manager
NA
CVE-2022-20657
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an attacker to conduct a path traversal attack on an affected device or conduct a cross-site scripting (XSS) attack ...
NA
CVE-2022-20656
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an attacker to conduct a path traversal attack on an affected device or conduct a cross-site scripting (XSS) attack ...
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
33 Github repositories
4 Articles
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
73 Github repositories
5 Articles
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
189 Github repositories
9 Articles
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1137 Github repositories
28 Articles
5.4
CVSSv3
CVE-2021-34784
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web-based...
Cisco Prime Infrastructure
Cisco Evolved Programmable Network Manager
7.5
CVSSv3
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Broadcom Brocade Fabric Operating System Firmware -
7.5
CVSSv3
CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Tenable Tenable.sc
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Broadcom Brocade Fabric Operating System Firmware -
Siemens Sinema Server 14.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »