Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connect vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-4826
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM ...
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
570
VMScore
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
356
VMScore
CVE-2016-0211
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
Ibm Db2 Connect 9.8.0.1
Ibm Db2 Connect 9.8.0.5
Ibm Db2 Connect 9.8.0.3
Ibm Db2 Connect 9.8.0.2
Ibm Db2 9.8.0.3
Ibm Db2 9.8.0.2
Ibm Db2 9.8.0.1
Ibm Db2 9.8.0.4
Ibm Db2 9.8.0.5
Ibm Db2 9.8
Ibm Db2 Connect 9.8.0.4
Ibm Db2 Connect 9.8
Ibm Db2 Connect 10.5.0.7
Ibm Db2 Connect 10.5.0.6
Ibm Db2 Connect 10.5.0.5
Ibm Db2 Connect 10.5.0.4
Ibm Db2 10.5.0.7
Ibm Db2 10.5.0.6
Ibm Db2 10.5.0.5
Ibm Db2 10.5.0.4
Ibm Db2 10.5.0.3
Ibm Db2 10.5.0.2
383
VMScore
CVE-2010-4590
Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
392
VMScore
CVE-2010-4591
The Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate malicious users to obtain access via an unat...
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1
383
VMScore
CVE-2010-4592
The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote malicious users to ca...
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
356
VMScore
CVE-2010-4593
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
383
VMScore
CVE-2010-4594
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote malicious users to cause a denial of service (memory consumption and HTTP-AS hang) by making m...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
445
VMScore
CVE-2010-4595
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote malicious users to bypass intended access restrictions via an HTTP request that contains a disallow...
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.2
383
VMScore
CVE-2018-20807
An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x prior to 8.1R12, 8.2.x prior to 8.2R9, and 8.3.x prior to 8.3R3 due to one of the URL parameters not being sanitized properly.
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »