Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0181
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote malicious users to determine the real IP address of the host that is making the connection.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
6.4
CVSSv2
CVE-2001-1101
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b up to and including 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log'...
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
6.2
CVSSv2
CVE-2001-1102
Check Point FireWall-1 3.0b up to and including 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.8
CVSSv2
CVE-2004-2679
Check Point Firewall-1 4.1 up to NG AI R55 allows remote malicious users to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 R55
7.5
CVSSv2
CVE-2000-1037
Check Point Firewall-1 session agent 3.0 up to and including 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote malicious users to determine valid usernames and guess a password via a brute force attack.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
2 EDB exploits
6.8
CVSSv2
CVE-2015-0736
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and previous versions allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728.
Cisco Mediasense 9.1\\(1\\)
Cisco Mediasense 10.0\\(1\\)
Cisco Mediasense 10.5\\(1\\)
4.3
CVSSv2
CVE-2005-4091
Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script 1-Search 1.8 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
1-script 1-search 1.8
1 EDB exploit
4.3
CVSSv2
CVE-2015-0714
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.
Cisco Finesse 10.0\\(1\\) Base
Cisco Finesse 10.5\\(1\\) Base
Cisco Finesse 10.6\\(1\\) Base
Cisco Finesse 11.0\\(1\\) Base
7.2
CVSSv2
CVE-2008-1901
aptlinex prior to 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
Debian Aptlinex 0.7-1
Debian Aptlinex 0.8-1
Debian Aptlinex 0.8-2
Debian Aptlinex 0.9-1
Debian Aptlinex 0.6-1
5
CVSSv2
CVE-2008-1902
The GUI for aptlinex prior to 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote malicious users to remove or modify packages via an apt:// URL.
Debian Aptlinex 0.8-1
Debian Aptlinex 0.8-2
Debian Aptlinex 0.6-1
Debian Aptlinex 0.7-1
Debian Aptlinex 0.9-1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »