Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
system recovery vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-1953
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the d...
Cisco Enterprise Network Function Virtualization Infrastructure
NA
CVE-2023-35717
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. Th...
NA
CVE-2023-48646
Zoho ManageEngine RecoveryManager Plus prior to 6070 allows admin users to execute arbitrary commands via proxy settings.
Zohocorp Manageengine Recoverymanager Plus
Zohocorp Manageengine Recoverymanager Plus 6.0
384
VMScore
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) a...
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 11.6.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Edge Gateway 12.1.0
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service 12.1.0
2 Github repositories
231
VMScore
CVE-2020-5929
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH ...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.6.2
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.6.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Advanced Web Application Firewall 11.6.2
F5 Big-ip Advanced Web Application Firewall 12.1.2
F5 Big-ip Advanced Web Application Firewall 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.6.2
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.6.2
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.6.2
NA
CVE-2024-35204
Veritas System Recovery prior to 23.2_Hotfix has incorrect permissions for the Veritas System Recovery folder, and thus low-privileged users can conduct attacks.
187
VMScore
CVE-2021-40045
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Harmonyos
Huawei Magic Ui 4.0.0
632
VMScore
CVE-2021-40055
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
Huawei Emui 10.0.0
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Emui 11.0.0
Huawei Emui 11.0.1
Huawei Emui 12.0.0
Huawei Harmonyos 2.0
Huawei Magic Ui 3.0.0
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
Huawei Magic Ui 4.0.0
383
VMScore
CVE-2014-8006
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote malicious users to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422.
Cisco Isb8320-e High-definition Ip-only Dvr -
NA
CVE-2023-39522
goauthentik is an open-source Identity Provider. In affected versions using a recovery flow with an identification stage an attacker is able to determine if a username exists. Only setups configured with a recovery flow are impacted by this. Anyone with a user account on a system...
Goauthentik Authentik
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »