Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflection vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv3
CVE-2020-2100
Jenkins 2.218 and previous versions, LTS 2.204.1 and previous versions was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
Jenkins Jenkins
1 Github repository
5.5
CVSSv3
CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
Macromedia Coldfusion 6.1
5.4
CVSSv3
CVE-2023-2267
An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an malicious user to perform reflection attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more details.
Selinc Sel-411l Firmware
Selinc Sel-411l Firmware R128-v0
Selinc Sel-411l Firmware R129-v0
4.9
CVSSv3
CVE-2021-2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.2
CVSSv3
CVE-2020-26558
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 up to and including 5.2 may permit a nearby man-in-the-middle malicious user to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the au...
Bluetooth Bluetooth Core Specification
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Linux Linux Kernel
Intel Ax210 Firmware -
Intel Ax201 Firmware -
Intel Ax200 Firmware -
Intel Ac 9560 Firmware -
Intel Ac 9462 Firmware -
Intel Ac 9461 Firmware -
Intel Ac 9260 Firmware -
Intel Ac 8265 Firmware -
Intel Ac 8260 Firmware -
Intel Ac 3168 Firmware -
Intel Ac 7265 Firmware -
Intel Ac 3165 Firmware -
Intel Ax1675 Firmware -
Intel Ax1650 Firmware -
Intel Ac 1550 Firmware -
3.7
CVSSv3
CVE-2019-9495
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary f...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Radius Server 3.0
Synology Router Manager
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
NA
CVE-2024-29183
OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an malicious user to execute arbitrary javascript ...
NA
CVE-2018-1000845
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultID: CVE-2017-6519. Reason: This candidate is a duplicate of CVE-2017-6519. Notes: All CVE users should reference CVE-2017-6519 instead of this candidate. All references and descriptions in this candidate have been removed ...
NA
CVE-2015-2984
I-O DATA DEVICE WN-G54/R2 routers with firmware prior to 1.03 and NP-BBRS routers allow remote malicious users to cause a denial of service (SSDP reflection) via UPnP requests.
Iodata Wn-g54\\/r2 Firmware
NA
CVE-2015-2370
The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/...
Microsoft Windows Vista
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 R2
Microsoft Windows 8 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Rt -
Microsoft Windows 2003 Server
Microsoft Windows 2003 Server R2
Microsoft Windows Server 2012 -
1 EDB exploit
1 Github repository
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »