Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
billing system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-1063
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote malicious users to bypass the intended security policy.
Sun Sunos 5.7
Sun Solaris 7.0
Sun Solaris 2.6
Sun Sunos -
7.5
CVSSv2
CVE-2002-0878
SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote malicious users to bypass authentication via SQL code in the password field.
Logisense Dns Manager System
Logisense Hawk-i Asp
Logisense Hawk-i 5.2
7.5
CVSSv2
CVE-2001-0839
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote malicious users to modify account information in the .htpasswd file via brute force password guessing.
Ibill Internet Billing Company Processing Plus
1 EDB exploit
7.2
CVSSv2
CVE-2002-0084
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
Sun Solaris 8.0
Sun Sunos 5.7
Sun Solaris 2.6
7.1
CVSSv2
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote malicious user to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resu...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Unified Inventory Management 7.4.1
2 Github repositories
6.8
CVSSv2
CVE-2020-36179
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
Oracle Commerce Platform
1 Github repository
6.8
CVSSv2
CVE-2020-36180
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
1 Github repository
6.8
CVSSv2
CVE-2020-36182
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
1 Github repository
6.8
CVSSv2
CVE-2020-36183
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
6.8
CVSSv2
CVE-2020-36184
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »