Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-1904
A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an ...
Cisco Ios Xe 16.1.3
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.2.1
8.8
CVSSv3
CVE-2019-1754
A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote malicious user to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper validation of user privileges of w...
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.8.1c
8.8
CVSSv3
CVE-2019-1743
A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote malicious user to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulner...
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.4.3
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.3.5
Cisco Ios Xe 16.6.1
Cisco Ios Xe 16.3.3
Cisco Ios Xe 16.6.3
Cisco Ios Xe 16.5.3
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.4.1
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.5.2
Cisco Ios Xe 16.5.1b
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.6.2
Cisco Ios Xe 16.3.5b
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.5.1a
8.8
CVSSv3
CVE-2019-1753
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote malicious user to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and sanitize input in Web Services Man...
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.6.2
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.6.3
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 3.6.10e
Cisco Ios Xe 16.6.1
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1e
8.8
CVSSv3
CVE-2018-0152
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for e...
Cisco Ios Xe 16.1.1
8.8
CVSSv3
CVE-2018-0167
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition or execute a...
Cisco Ios Xr 5.2.0.base
Cisco Ios 5.2.0.base
Cisco Ios Xe 5.2.0.base
8.8
CVSSv3
CVE-2018-0195
A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote malicious user to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requ...
Cisco Ios Xe
8.8
CVSSv3
CVE-2017-12230
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote malicious user to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by ...
Cisco Ios Xe 16.2.1
8.8
CVSSv3
CVE-2014-9830
coders/sun.c in ImageMagick allows remote malicious users to have unspecified impact via a corrupted sun file.
Imagemagick Imagemagick
8.8
CVSSv3
CVE-2017-3578
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: RAS subsystems). The supported version that is affected is AK 2013. Easily "exploitable" vulnerability allows low privileged attacker with logon to the ...
Oracle Sun Zfs Storage Appliance Kit Software 2013
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »