Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server control vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-0700
Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine prior to 5.5(0.46.5) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuj629...
Cisco Secure Access Control Server Solution Engine 5.5.0.36
Cisco Secure Access Control Server Solution Engine 5.5.0.46.4
Cisco Secure Access Control Server Solution Engine 5.4.0.46.6
7.5
CVSSv2
CVE-2003-1030
Buffer overflow in DameWare Mini Remote Control prior to 3.73 allows remote malicious users to execute arbitrary code via a long pre-authentication request to TCP port 6129.
Dameware Development Mini Remote Control Server 3.70 .0.0
Dameware Development Mini Remote Control Server 3.71 .0.0
Dameware Development Mini Remote Control Server 3.72 .0.0
4 EDB exploits
10
CVSSv2
CVE-2005-3460
Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.
Oracle Enterprise Manager Application Server Control 9.0.4.1
Oracle Enterprise Manager Application Server Control 9.0.4.2
Oracle 10g Enterprise Manager Database Control 10.1.0.3
Oracle 10g Enterprise Manager Database Control 10.1.0.4
6.8
CVSSv2
CVE-2012-1737
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB ...
Oracle Database Server 11.2.0.3
Oracle Enterprise Manager Grid Control 10.2.0.5
Oracle Enterprise Manager Grid Control 12.1.0.2
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.2
Oracle Enterprise Manager Grid Control 11.1.0.1
Oracle Enterprise Manager Grid Control 12.1.0.1
6.8
CVSSv2
CVE-2011-2248
Unspecified vulnerability in the SQL Performance Advisories/UIs component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote malicious users to affect confidentiality, integrity, a...
Oracle Database Server 11.2.0.2
Oracle Database Server 11.2.0.1
Oracle Database Server 11.1.0.7
Oracle Enterprise Manager Grid Control 10.2.0.5
Oracle Enterprise Manager Grid Control 11.1.0.1
Oracle Enterprise Manager Grid Control 10.1.0.6
6.8
CVSSv2
CVE-2011-0882
Unspecified vulnerability in the Content Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote malicious users to affect confidentiality, integrity, and...
Oracle Database Server 10.2.0.4
Oracle Database Server 11.1.0.7
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.3
Oracle Enterprise Manager Grid Control 10.1.0.6
Oracle Enterprise Manager Grid Control 10.2.0.5
Oracle Enterprise Manager Grid Control 11.1.0.1
6.5
CVSSv2
CVE-2015-6345
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuw24700.
Cisco Secure Access Control Server 5.7.0.15
4
CVSSv2
CVE-2015-6347
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page.
Cisco Secure Access Control Server 5.7.0.15
4.3
CVSSv2
CVE-2015-6349
Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
4
CVSSv2
CVE-2015-6348
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
Cisco Secure Access Control Server 5.7.0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »