Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum control vulnerabilities and exploits
(subscribe to this query)
9.4
CVSSv3
CVE-2020-12041
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configurati...
Baxter Sigma Spectrum Infusion System Firmware 8.0
7.5
CVSSv3
CVE-2020-8169
curl 7.62.0 up to and including 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Haxx Curl
Siemens Simatic Tim 1531 Irc Firmware
Debian Debian Linux 10.0
Siemens Sinec Infrastructure Network Services
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
7.8
CVSSv3
CVE-2021-20532
IBM Spectrum Protect Client 8.1.0.0 up to and including 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811.
Ibm Spectrum Protect Backup-archive Client
Ibm Spectrum Protect For Virtual Environments
7.4
CVSSv3
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
9.1
CVSSv3
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 21...
Ibm Spectrum Protect Plus
7.5
CVSSv3
CVE-2019-0233
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Apache Struts
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Mysql Enterprise Monitor
1 Article
8.8
CVSSv3
CVE-2020-4700
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.2 and 5.2.0.0 up to and including 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.
Ibm Sterling B2b Integrator
9.8
CVSSv3
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Mysql Enterprise Monitor
10 Github repositories
1 Article
6.5
CVSSv3
CVE-2020-4482
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.
Ibm Urbancode Deploy 7.0.3.0
Ibm Urbancode Deploy 7.0.4.0
Ibm Urbancode Deploy 6.2.7.3
Ibm Urbancode Deploy 6.2.7.4
4.3
CVSSv3
CVE-2020-14318
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »