Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-27769
Information leakage occurs when a website reveals information that could aid an malicious user to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for ...
Hcltech Sametime 11.6
7.6
CVSSv3
CVE-2021-27771
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sendi...
Hcltech Sametime 11.6
4.3
CVSSv3
CVE-2021-27773
This vulnerability allows users to execute a clickjacking attack in the meeting's chat.
Hcltech Sametime 11.6
5.4
CVSSv3
CVE-2021-27774
User input included in error response, which could be used in a phishing attack.
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
Hcltech Hcl Digital Experience 8.5
7.5
CVSSv3
CVE-2021-27777
XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. Attackers can exploit this vulnerability to manipulate XML content and inject malicious external entity references.
Hcltech Unica
4.8
CVSSv3
CVE-2021-27778
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages. An attacker could exploit this vulnerability to execute a malicious script to access any cookies, ses...
Hcltech Traveler
9.1
CVSSv3
CVE-2021-27779
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.
Hcltech Versionvault Express 2.0.1
5.3
CVSSv3
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
4.8
CVSSv3
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
7.5
CVSSv3
CVE-2018-20026
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
Codesys Control For Beaglebone Sl
Codesys Control For Empc-a\\/imx6 Sl
Codesys Control For Iot2000 Sl
Codesys Control For Linux Sl
Codesys Control For Pfc100 Sl
Codesys Control For Pfc200 Sl
Codesys Control For Raspberry Pi Sl
Codesys Control Rte Sl
Codesys Control Rte Sl \\(for Beckhoff Cx\\)
Codesys Control Win Sl
Codesys Control Runtime Toolkit
Codesys Safety Sil2
Codesys Hmi Sl
Codesys Gateway
Codesys Development System V3
Codesys Plchandler
Codesys Opc Server
Codesys Targetvisu Sl
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »