Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager for web vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-5421
Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote malicious users to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form.
Ibm Security Access Manager For Enterprise Single Sign-on 8.2
4.3
CVSSv2
CVE-2018-1815
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot...
Ibm Security Access Manager
6.4
CVSSv2
CVE-2019-7392
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote malicious user to gain sensitive information or alter configuration.
Broadcom Privileged Access Manager
NA
CVE-2023-20119
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) atta...
Cisco Secure Email Gateway 14.0.1-053
Cisco Web Security Appliance 14.0.1-053
Cisco Secure Email And Web Manager 14.0.1-053
Cisco Secure Email And Web Manager 15.0.0-256
Cisco Secure Email Gateway 15.0.0-256
Cisco Web Security Appliance 15.0.0-256
Cisco Secure Email And Web Manager 14.0.1-033
Cisco Secure Email Gateway 14.0.1-033
Cisco Web Security Appliance 14.0.1-033
Cisco Secure Email And Web Manager 14.0.0-418
Cisco Secure Email Gateway 14.0.0-418
Cisco Web Security Appliance 14.0.0-418
Cisco Secure Email And Web Manager 15.0.0-050
Cisco Secure Email Gateway 15.0.0-050
Cisco Web Security Appliance 15.0.0-050
4.3
CVSSv2
CVE-2018-0223
A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to ...
Cisco Security Manager 4.9\\(0\\)qa99
5
CVSSv2
CVE-2021-23051
On BIG-IP versions 15.1.0.4 up to and including 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
4.3
CVSSv2
CVE-2014-2118
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687...
Cisco Prime Security Manager 9.1.2-42
Cisco Prime Security Manager 9.1.2-29
Cisco Prime Security Manager 9.1
Cisco Prime Security Manager 9.2
Cisco Prime Security Manager
Cisco Prime Security Manager 9.2.1-1
Cisco Prime Security Manager 9.1.3-10
Cisco Prime Security Manager 9.1.3-13
Cisco Prime Security Manager 9.1.3-8
Cisco Prime Security Manager 9.0
5
CVSSv2
CVE-2016-1421
A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote malicious user to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the ...
Cisco Ip Phone 8800 Series Firmware 11.0\\(1\\)
10
CVSSv2
CVE-2020-5902
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
90 Github repositories
6 Articles
4.3
CVSSv2
CVE-2021-22994
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »