Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portcullis vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-5076
Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM prior to 5.0.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) version parameter in protected/views/admin/formEditor.php; the (2) importId parameter in protected/views/admin/roll...
X2engine X2crm
6.9
CVSSv2
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
7.5
CVSSv2
CVE-2014-1217
Livetecs Timelive prior to 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote malicious users to change configurations and obtain the database connection string and credentials via unspecified vectors.
Livetecs Timeline 6.2.4
Livetecs Timeline 6.2.3
Livetecs Timeline 3.8.1
Livetecs Timeline 3.7.1
Livetecs Timeline 3.0.1
Livetecs Timeline 2.94
Livetecs Timeline 6.2.71
Livetecs Timeline 5.2.1
Livetecs Timeline 4.9.1
Livetecs Timeline 3.2.1
Livetecs Timeline 3.1.1
Livetecs Timeline 6.2.1
Livetecs Timeline 6.0.1
Livetecs Timeline 3.6.1
Livetecs Timeline 3.5.1
Livetecs Timeline 2.91
Livetecs Timeline 2.81
Livetecs Timeline 6.2.7
Livetecs Timeline 6.2.6
Livetecs Timeline 7.1.1
Livetecs Timeline 4.3.1
Livetecs Timeline 4.2.1
2.1
CVSSv2
CVE-2013-6216
Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and previous versions allows local users to gain privileges via unknown vectors.
Hp Array Configuration Utility
Hp Array Diagnostics Utility
Hp Proliant Array Diagnostics
Hp Smartssd Wear Gauge Utility
4.3
CVSSv2
CVE-2014-1223
Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx in Telligent Evolution prior to 6.1.19.36103, 7.x prior to 7.1.12.36162, 7.5.x, and 7.6.x prior to 7.6.7.36651 allows remote malicious users to inject arbitrary web script or HTML via the msg parameter. NOTE: s...
Telligent Evolution
4
CVSSv2
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) prior to 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
7.5
CVSSv2
CVE-2014-2042
Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive prior to 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a pre...
Livetecs Timeline 6.2.71
Livetecs Timeline 6.2.7
Livetecs Timeline 4.3.1
Livetecs Timeline 4.2.1
Livetecs Timeline 3.0.5
Livetecs Timeline 3.0.3
Livetecs Timeline 6.2.3
Livetecs Timeline 6.2.1
Livetecs Timeline 3.6.1
Livetecs Timeline 3.5.1
Livetecs Timeline 2.91
Livetecs Timeline 2.81
Livetecs Timeline 6.2.6
Livetecs Timeline 6.2.4
Livetecs Timeline 3.8.1
Livetecs Timeline 3.7.1
Livetecs Timeline 3.0.1
Livetecs Timeline 2.94
Livetecs Timeline
Livetecs Timeline 6.0.1
Livetecs Timeline 5.2.1
Livetecs Timeline 4.9.1
5
CVSSv2
CVE-2013-5880
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite 12.2.2
Oracle Supply Chain Products Suite 12.2.0
Oracle Supply Chain Products Suite 12.2.1
1 EDB exploit
4.3
CVSSv2
CVE-2014-8600
Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and previous versions, kwebkitpart 1.3.4 and previous versions, and kio-extras 5.1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via a crafted URI using the (1)...
Urs Wolfer Kwebkitpart
Kde Kde-runtime
Kde Kio-extras
Opensuse Opensuse 13.1
5.1
CVSSv2
CVE-2014-1219
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote malicious users to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified S...
Broadcom 2e Web Option R8.1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »