Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deep security vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-0578
Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote malicious users to bypass connection filters.
Bluecoat Sgos 4.1.2.1
668
VMScore
CVE-2019-10747
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.
Set-value Project Set-value
1 Github repository
490
VMScore
CVE-2020-1727
A vulnerability was found in Keycloak prior to 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affe...
Redhat Keycloak
445
VMScore
CVE-2016-4425
Jansson 2.7 and previous versions allows context-dependent malicious users to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
Jansson Project Jansson
578
VMScore
CVE-2020-8602
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
Trendmicro Deep Security Manager 10.0
Trendmicro Deep Security Manager 11.0
Trendmicro Deep Security Manager 12.0
Trendmicro Vulnerability Protection 2.0
NA
CVE-2022-40710
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
Trendmicro Deep Security Agent 20.0
NA
CVE-2022-42003
In FasterXML jackson-databind prior to 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
6 Github repositories
614
VMScore
CVE-2022-23120
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an malicious user to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access...
Trendmicro Deep Security Agent 10.0
Trendmicro Deep Security Agent 11.0
Trendmicro Deep Security Agent 12.0
Trendmicro Deep Security Agent
1 Github repository
187
VMScore
CVE-2021-29557
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in Eigen code because the `b` tensor is empty. The fix will be included in TensorFl...
NA
CVE-2022-40707
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local malicious user to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execut...
Trendmicro Deep Security Agent 20.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »