Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portcullis-security.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5877
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 12.2.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
1 EDB exploit
NA
CVE-2013-5880
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite 12.2.2
Oracle Supply Chain Products Suite 12.2.1
Oracle Supply Chain Products Suite 12.2.0
1 EDB exploit
NA
CVE-2015-5074
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM prior to 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
X2engine X2crm
1 EDB exploit
NA
CVE-2014-7178
Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Enalean Tuleap
1 EDB exploit
NA
CVE-2014-0379
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote malicious users to affect integrity via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 12.2.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
1 EDB exploit
NA
CVE-2015-5075
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM prior to 5.2 allows remote malicious users to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
X2engine X2crm
1 EDB exploit
NA
CVE-2014-3977
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
Ibm Vios 2.2.0.13
Ibm Vios 2.2.1.0
Ibm Vios 2.2.0.11
Ibm Aix 7.1
Ibm Vios 2.2.0.12
Ibm Aix 6.1
Ibm Vios 2.2.1.1
Ibm Vios 2.2.1.3
Ibm Vios 2.2.0.10
Ibm Vios 2.2.3.2
Ibm Vios 2.2.1.8
Ibm Vios 2.2.2.4
Ibm Vios 2.2.1.4
Ibm Vios 2.2.3.0
Ibm Vios 2.2.3.3
Ibm Vios 2.2.2.5
Ibm Vios 2.2.1.9
Ibm Vios 2.2.2.0
1 EDB exploit
NA
CVE-2014-5308
Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php.
Testlink Testlink 1.9.11
1 EDB exploit
NA
CVE-2014-0372
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Othe...
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 12.2.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
1 EDB exploit
NA
CVE-2014-1219
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote malicious users to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified S...
Broadcom 2e Web Option R8.1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »