Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
release control vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-0317
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote malicious user to escalate their privileges. The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnera...
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
6.5
CVSSv2
CVE-2019-11279
CF UAA versions before 74.1.0 can request scopes for a client that shouldn't be allowed by submitting an array of requested scopes. A remote malicious user can escalate their own privileges to any scope, allowing them to take control of UAA and the resources it controls.
Cloudfoundry Uaa Release
6.8
CVSSv2
CVE-2018-1267
Cloud Foundry Silk CNI plugin, versions before 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the net...
Cloudfoundry Silk-release
5
CVSSv2
CVE-2020-3245
A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote malicious user to create arbitrary user accounts. The vulnerability is due to the lack of authorization controls in the web application. An attacker...
Cisco Smart Software Manager On-prem
4
CVSSv2
CVE-2017-8038
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, the ACL was bypassed for the CredHub interpolate endpoint, allowing authenticated a...
Pivotal Software Credhub-release 1.1.0
4.3
CVSSv2
CVE-2015-0747
Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote malicious users to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408.
Cisco Headend System Release 2.7
Cisco Videoscape Conductor 3.0
Cisco Headend System Release 3.7
Cisco Headend System Release 3.5
Cisco Headend System Release I4.3
Cisco Headend System Release 3.2
Cisco Headend Digital Broadband Delivery System -
Cisco Headend System Release 2.5
4
CVSSv2
CVE-2020-3329
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote malicious user to disable user accounts on an affected system. Th...
Cisco Integrated Management Controller Supervisor
Cisco Ucs Director
Cisco Ucs Director Express For Big Data
4.3
CVSSv2
CVE-2019-3787
Cloud Foundry UAA, versions before 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors includin...
Pivotal Software Cloud Foundry Uaa-release
5
CVSSv2
CVE-2020-9327
In SQLite 3.31.1, isAuxiliaryVtabOperator allows malicious users to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
Sqlite Sqlite 3.31.1
Netapp Cloud Backup -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Siemens Sinec Infrastructure Network Services
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Network Charging And Control 12.0.2
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Messaging Server 8.1
Oracle Mysql Workbench
7.1
CVSSv2
CVE-2018-15390
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affect...
Cisco Firepower Threat Defense
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »