Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager for web vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6745
Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form.
Ibm Security Access Manager For Enterprise Single Sign-on 8.2
6.1
CVSSv3
CVE-2018-1815
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot...
Ibm Security Access Manager
9.1
CVSSv3
CVE-2019-7392
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote malicious user to gain sensitive information or alter configuration.
Broadcom Privileged Access Manager
6.1
CVSSv3
CVE-2023-20119
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) atta...
Cisco Secure Email Gateway 14.0.1-053
Cisco Web Security Appliance 14.0.1-053
Cisco Secure Email And Web Manager 14.0.1-053
Cisco Secure Email And Web Manager 15.0.0-256
Cisco Secure Email Gateway 15.0.0-256
Cisco Web Security Appliance 15.0.0-256
Cisco Secure Email And Web Manager 14.0.1-033
Cisco Secure Email Gateway 14.0.1-033
Cisco Web Security Appliance 14.0.1-033
Cisco Secure Email And Web Manager 14.0.0-418
Cisco Secure Email Gateway 14.0.0-418
Cisco Web Security Appliance 14.0.0-418
Cisco Secure Email And Web Manager 15.0.0-050
Cisco Secure Email Gateway 15.0.0-050
Cisco Web Security Appliance 15.0.0-050
6.1
CVSSv3
CVE-2018-0223
A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to ...
Cisco Security Manager 4.9\\(0\\)qa99
NA
CVE-2014-2118
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687...
Cisco Prime Security Manager 9.1.2-42
Cisco Prime Security Manager 9.1.2-29
Cisco Prime Security Manager 9.1
Cisco Prime Security Manager 9.2
Cisco Prime Security Manager
Cisco Prime Security Manager 9.2.1-1
Cisco Prime Security Manager 9.1.3-10
Cisco Prime Security Manager 9.1.3-13
Cisco Prime Security Manager 9.1.3-8
Cisco Prime Security Manager 9.0
7.5
CVSSv3
CVE-2021-23051
On BIG-IP versions 15.1.0.4 up to and including 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
7.5
CVSSv3
CVE-2016-1421
A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote malicious user to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the ...
Cisco Ip Phone 8800 Series Firmware 11.0\\(1\\)
9.8
CVSSv3
CVE-2020-5902
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
1 Metasploit module
90 Github repositories
6 Articles
6.1
CVSSv3
CVE-2021-22994
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »