Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum control vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-8169
curl 7.62.0 up to and including 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Haxx Curl
Siemens Simatic Tim 1531 Irc Firmware
Debian Debian Linux 10.0
Siemens Sinec Infrastructure Network Services
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
7.5
CVSSv2
CVE-2020-12041
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configurati...
Baxter Sigma Spectrum Infusion System Firmware 8.0
5.8
CVSSv2
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
7.2
CVSSv2
CVE-2021-20532
IBM Spectrum Protect Client 8.1.0.0 up to and including 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811.
Ibm Spectrum Protect Backup-archive Client
Ibm Spectrum Protect For Virtual Environments
4
CVSSv2
CVE-2020-4482
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.
Ibm Urbancode Deploy 7.0.3.0
Ibm Urbancode Deploy 7.0.4.0
Ibm Urbancode Deploy 6.2.7.3
Ibm Urbancode Deploy 6.2.7.4
2.1
CVSSv2
CVE-2020-14323
A null pointer dereference flaw was found in samba's Winbind service in versions prior to 4.11.15, prior to 4.12.9 and prior to 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
Samba Samba
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Mysql Enterprise Monitor
10 Github repositories
1 Article
5
CVSSv2
CVE-2019-0233
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Apache Struts
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Mysql Enterprise Monitor
1 Article
4
CVSSv2
CVE-2020-14318
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
6.5
CVSSv2
CVE-2020-4700
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.2 and 5.2.0.0 up to and including 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.
Ibm Sterling B2b Integrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »