Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
call manager vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-2436
The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via the 'file[package_dir]' parameter in versions up to, and including 3.2.49. This makes it possible for authenticated attackers with contributor privileges and above to call ...
Wpdownloadmanager Wordpress Download Manager
7.8
CVSSv3
CVE-2023-29414
A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.
Schneider-electric Accutech Manager
4.3
CVSSv3
CVE-2021-23001
On versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, the upload functionality in BIG-IP Advanced WAF and BIG-IP ASM allows an authenticated user to upload files to...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
NA
CVE-2002-0978
Microsoft File Transfer Manager (FTM) ActiveX control prior to 4.0 allows remote malicious users to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.
Microsoft File Transfer Manager
4.3
CVSSv3
CVE-2022-3451
The Product Stock Manager WordPress plugin prior to 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options
Addify Product Stock Manager
7.5
CVSSv3
CVE-2018-15617
A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions before 7.1.3.2, and all 8.x versions before 8.0...
Avaya Aura Communication Manager
5.5
CVSSv3
CVE-2023-38021
An issue exists in Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform prior to 3.32 for Intel SGX. Lack of pointer-alignment validation logic in entry functions allows a local malicious user to access unauthorized information. This relates to the enclave_ecall funct...
Fortanix Confidential Computing Manager
7.5
CVSSv3
CVE-2021-25087
The Download Manager WordPress plugin prior to 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated malicious users to call them, which could lead to sensitive information disclosure, such as posts passwords (fixed in 3.2.24) a...
Wpdownloadmanager Wordpress Download Manager
4.3
CVSSv3
CVE-2021-25084
The Advanced Cron Manager WordPress plugin prior to 2.4.2 and Advanced Cron Manager Pro WordPress plugin prior to 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authenticated users, such as subscriber to call them and add or remove events as we...
Bracketspace Advanced Cron Manager
7.2
CVSSv3
CVE-2018-7067
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an malicious user to compromise the entire cluster through a specially crafted API call. Network access to the ad...
Arubanetworks Clearpass Policy Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »