Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
static vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26152
All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.
Nbluis Static-server
383
VMScore
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and previous versions in the DefaultGraphConfigurationView#doSave form handler method allowed malicious users to change the per-job default graph configuration for all users.
Jenkins Static Analysis Utilities
356
VMScore
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and previous versions in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users.
Jenkins Static Analysis Utilities
312
VMScore
CVE-2020-2316
Jenkins Static Analysis Utilities Plugin 1.96 and previous versions does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
Jenkins Static Analysis Utilities
312
VMScore
CVE-2017-1000102
The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plu...
Jenkins Static Analysis Utilities
NA
CVE-2023-6369
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attack...
Myrecorp Export Wp Page To Static Html/css
NA
CVE-2023-31077
Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <= 2.1.9 versions.
Myrecorp Export Wp Page To Static Html/css
NA
CVE-2023-30970
Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.
Palantir Gotham Blackbird-witchcraft
Palantir Gotham Static-assets-servlet
383
VMScore
CVE-2022-27237
There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Depending on the product(s) in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVI...
Ni Flexlogger 2021
Ni Systemlink 2020
Ni Systemlink 2022
Ni G Web Development Software 2021
Ni Labview 2021
Ni Static Test Software Suite
445
VMScore
CVE-2020-27125
A vulnerability in Cisco Security Manager could allow an unauthenticated, remote malicious user to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit thi...
Cisco Security Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »