Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stack vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-26494
lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, an open redirect exists on the login page of the lorawan stack server, allowing an malicious user to supply a user controlled redirect upon sign in. This issue may allows malicious actors to phish us...
Thethingsnetwork Lorawan-stack
NA
CVE-2006-5611
Unspecified vulnerability in Toshiba Bluetooth Stack prior to 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-...
Toshiba Bluetooth Stack
7.5
CVSSv3
CVE-2019-1234
A spoofing vulnerability exists when Azure Stack fails to validate certain requests, aka 'Azure Stack Spoofing Vulnerability'.
Microsoft Azure Stack -
2 Github repositories
2 Articles
6.5
CVSSv3
CVE-2023-6199
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because the application is vulnerable to SSRF.
Bookstackapp Book Stack 23.10.2
7
CVSSv3
CVE-2023-43741
A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions before 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
Buildkite Elastic Ci Stack
7.8
CVSSv3
CVE-2023-43116
A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions before 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
Buildkite Elastic Ci Stack
6.5
CVSSv3
CVE-2024-20679
Azure Stack Hub Spoofing Vulnerability
Microsoft Azure Stack Hub
6.1
CVSSv3
CVE-2017-11175
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login.
Siemens Fin Stack 4.0
1 Github repository
7.5
CVSSv3
CVE-2020-27891
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal().
Ti Z-stack 3.0.1
1 Github repository
7.5
CVSSv3
CVE-2022-24381
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number ...
Asneg Opc Ua Stack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »