Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec nms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32004
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects a...
Nodejs Node.js
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2023-32005
A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.stat...
Nodejs Node.js
NA
CVE-2023-34035
Spring Security versions 5.8 before 5.8.5, 6.0 before 6.0.5, and 6.1 before 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (Dispatcher...
Vmware Spring Security
4 Github repositories
NA
CVE-2023-30582
Description<!----> This CVE is under investigation by Red Hat Product Security.
NA
CVE-2023-30583
Description<!----> This CVE is under investigation by Red Hat Product Security.
NA
CVE-2023-30584
Description<!----> This CVE is under investigation by Red Hat Product Security.
NA
CVE-2023-30586
A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can...
Nodejs Node.js
NA
CVE-2023-30587
Description<!----> This CVE is under investigation by Red Hat Product Security.
NA
CVE-2024-23810
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote malicious user to execute arbitrary SQL queries on the server database.
NA
CVE-2024-23811
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an malicious user to upload malicious firmware images or other files, that could potentially lead to remote co...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »