Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection cloud vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-28879
A Denial-of-Service (DoS) vulnerability exists in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.
F-secure Elements Endpoint Protection -
F-secure Cloud Protection For Salesforce -
F-secure Atlant -
F-secure Internet Gatekeeper -
F-secure Linux Security -
F-secure Linux Security 64 -
F-secure Elements Collaboration Protection -
NA
CVE-2022-28882
A Denial-of-Service (DoS) vulnerability exists in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
F-secure Elements Endpoint Protection
F-secure Atlant
F-secure Internet Gatekeeper
F-secure Linux Security
F-secure Linux Security 64
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
4.3
CVSSv2
CVE-2021-44747
A Denial-of-Service (DoS) vulnerability exists in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Servic...
F-secure Security Cloud
F-secure Internet Gatekeeper
F-secure Atlant
F-secure Linux Security
F-secure Elements Endpoint Protection
4.3
CVSSv2
CVE-2016-5310
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows prior to 12.1.6 MP5; Symantec Endpoint Prot...
Symantec Protection Engine
Symantec Protection For Sharepoint Servers 6.0.5
Symantec Mail Security For Microsoft Exchange
Symantec Messaging Gateway
Symantec Mail Security For Domino
Symantec Endpoint Protection
Symantec Mail Security For Domino 8.1.3
Symantec Endpoint Protection For Small Business
Symantec Mail Security For Microsoft Exchange 7.0.3
Symantec Web Security.cloud -
Symantec Messaging Gateway For Service Providers 10.6
Symantec Protection For Sharepoint Servers 6.0.3
Symantec Mail Security For Microsoft Exchange 7.0.4
Symantec Protection Engine 7.5.0
Symantec Mail Security For Microsoft Exchange 7.5.2
Symantec Mail Security For Microsoft Exchange 7.5.1
Symantec Protection For Sharepoint Servers 6.0.7
Symantec Messaging Gateway For Service Providers 10.5
Symantec Advanced Threat Protection -
Symantec Mail Security For Domino 8.1.2
Symantec Protection For Sharepoint Servers 6.0.4
Symantec Protection Engine 7.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2016-5309
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows prior to 12.1.6 MP5; Symantec Endpoint Prot...
Symantec Protection Engine
Symantec Protection For Sharepoint Servers 6.0.5
Symantec Mail Security For Microsoft Exchange
Symantec Messaging Gateway
Symantec Mail Security For Domino
Symantec Endpoint Protection
Symantec Mail Security For Domino 8.1.3
Symantec Endpoint Protection For Small Business
Symantec Mail Security For Microsoft Exchange 7.0.3
Symantec Web Security.cloud -
Symantec Messaging Gateway For Service Providers 10.6
Symantec Protection For Sharepoint Servers 6.0.3
Symantec Mail Security For Microsoft Exchange 7.0.4
Symantec Protection Engine 7.5.0
Symantec Mail Security For Microsoft Exchange 7.5.2
Symantec Mail Security For Microsoft Exchange 7.5.1
Symantec Protection For Sharepoint Servers 6.0.7
Symantec Messaging Gateway For Service Providers 10.5
Symantec Advanced Threat Protection -
Symantec Mail Security For Domino 8.1.2
Symantec Protection For Sharepoint Servers 6.0.4
Symantec Protection Engine 7.5.1
1 EDB exploit
NA
CVE-2023-20052
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthenticated, remot...
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
3 Github repositories
1 Article
NA
CVE-2023-20084
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local malicious user to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components....
Cisco Secure Endpoint 6.0.9
Cisco Secure Endpoint 6.0.7
Cisco Secure Endpoint 6.1.5
Cisco Secure Endpoint 6.1.7
Cisco Secure Endpoint 6.1.9
Cisco Secure Endpoint 6.2.1
Cisco Secure Endpoint 6.2.5
Cisco Secure Endpoint 6.2.19
Cisco Secure Endpoint 6.2.3
Cisco Secure Endpoint 6.2.9
Cisco Secure Endpoint 6.3.5
Cisco Secure Endpoint 6.3.1
Cisco Secure Endpoint 6.3.7
Cisco Secure Endpoint 6.3.3
Cisco Secure Endpoint 7.0.5
Cisco Secure Endpoint 7.1.1
Cisco Secure Endpoint 7.1.5
Cisco Secure Endpoint 7.2.13
Cisco Secure Endpoint 7.2.7
Cisco Secure Endpoint 7.2.3
Cisco Secure Endpoint 7.2.11
Cisco Secure Endpoint 7.2.5
NA
CVE-2023-20032
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthentic...
Cisco Web Security Appliance
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
2 Github repositories
1 Article
6.8
CVSSv2
CVE-2022-22947
In spring cloud gateway versions before 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote ex...
Vmware Spring Cloud Gateway 3.1.0
Vmware Spring Cloud Gateway
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
79 Github repositories
2 Articles
7.5
CVSSv2
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
175 Github repositories
7 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »