Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-11651
Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain ty...
Microfocus Enterprise Developer 3.0
Microfocus Enterprise Server 3.0
Microfocus Enterprise Developer 4.0
Microfocus Enterprise Server 4.0
Microfocus Enterprise Developer 5.0
Microfocus Enterprise Server 5.0
NA
CVE-2013-6369
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT prior to 2.1 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.
Cambridge Enterprise Jbig-kit 1.4
Cambridge Enterprise Jbig-kit 1.3
Cambridge Enterprise Jbig-kit 0.5
Cambridge Enterprise Jbig-kit 1.6
Cambridge Enterprise Jbig-kit 1.5
Cambridge Enterprise Jbig-kit 0.7
Cambridge Enterprise Jbig-kit 0.6
Cambridge Enterprise Jbig-kit
Cambridge Enterprise Jbig-kit 0.9
Cambridge Enterprise Jbig-kit 0.8
Cambridge Enterprise Jbig-kit 1.2
Cambridge Enterprise Jbig-kit 1.1
Cambridge Enterprise Jbig-kit 1.0
7.5
CVSSv3
CVE-2017-2297
Puppet Enterprise versions before 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default fo...
Puppet Puppet Enterprise 2017.1.1
Puppet Puppet Enterprise 2017.1.0
Puppet Puppet Enterprise 2016.5.2
Puppet Puppet Enterprise 2016.5.1
Puppet Puppet Enterprise
4.9
CVSSv3
CVE-2017-2293
Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rel...
Puppet Puppet Enterprise 2016.5.2
Puppet Puppet Enterprise 2017.1.1
Puppet Puppet Enterprise
Puppet Puppet Enterprise 2016.5.1
Puppet Puppet Enterprise 2017.1.0
7.5
CVSSv3
CVE-2017-2294
Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen...
Puppet Puppet Enterprise 2016.5.2
Puppet Puppet Enterprise 2017.1.0
Puppet Puppet Enterprise 2017.1.1
Puppet Puppet Enterprise 2016.5.1
Puppet Puppet Enterprise
6.7
CVSSv3
CVE-2022-31594
A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system.
Sap Adaptive Server Enterprise 16.0
Sap Adaptive Server Enterprise Krnl64uc 7.22
Sap Adaptive Server Enterprise Krnl64uc 7.22ext
Sap Adaptive Server Enterprise Krnl64uc 7.49
Sap Adaptive Server Enterprise Krnl64uc 7.53
Sap Adaptive Server Enterprise Krnl64nuc 7.22
Sap Adaptive Server Enterprise Krnl64nuc 7.22ext
Sap Adaptive Server Enterprise Krnl64nuc 7.49
Sap Adaptive Server Enterprise Kernel 7.22
Sap Adaptive Server Enterprise Kernel 7.49
Sap Adaptive Server Enterprise Kernel 7.53
NA
CVE-2013-5425
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 prior to 6.1.1.6 and 7.0 prior to 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Virtual Enterprise 6.1.1.3
Ibm Websphere Virtual Enterprise 6.1.1.4
Ibm Websphere Virtual Enterprise 7.0.0.2
Ibm Websphere Virtual Enterprise 7.0.0.1
Ibm Websphere Virtual Enterprise 6.1
Ibm Websphere Virtual Enterprise 6.1.1
Ibm Websphere Virtual Enterprise 6.1.1.1
Ibm Websphere Virtual Enterprise 6.1.1.2
Ibm Websphere Virtual Enterprise 7.0.0.3
Ibm Websphere Virtual Enterprise 6.1.1.5
Ibm Websphere Virtual Enterprise 7.0
NA
CVE-2001-0947
Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 up to and including 4.2.1 allows remote malicious users to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.
Valicert Enterprise Validation Authority 3.6
Valicert Enterprise Validation Authority 3.3
Valicert Enterprise Validation Authority 4.0
Valicert Enterprise Validation Authority 3.8
Valicert Enterprise Validation Authority 4.2
Valicert Enterprise Validation Authority 4.1
Valicert Enterprise Validation Authority 4.2.1
Valicert Enterprise Validation Authority 3.5
Valicert Enterprise Validation Authority 3.4
Valicert Enterprise Validation Authority 3.9
Valicert Enterprise Validation Authority 3.7
NA
CVE-2001-0948
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 up to and including 4.2.1 allows remote malicious users to execute arbitrary code or display false information by including HTML or script in the certificate's description, which i...
Valicert Enterprise Validation Authority 3.6
Valicert Enterprise Validation Authority 3.3
Valicert Enterprise Validation Authority 4.0
Valicert Enterprise Validation Authority 3.8
Valicert Enterprise Validation Authority 4.2
Valicert Enterprise Validation Authority 4.1
Valicert Enterprise Validation Authority 4.2.1
Valicert Enterprise Validation Authority 3.5
Valicert Enterprise Validation Authority 3.4
Valicert Enterprise Validation Authority 3.9
Valicert Enterprise Validation Authority 3.7
NA
CVE-2001-0949
Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 up to and including 4.2.1 allows remote malicious users to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpi...
Valicert Enterprise Validation Authority 3.6
Valicert Enterprise Validation Authority 3.3
Valicert Enterprise Validation Authority 4.0
Valicert Enterprise Validation Authority 3.8
Valicert Enterprise Validation Authority 4.2
Valicert Enterprise Validation Authority 4.1
Valicert Enterprise Validation Authority 4.2.1
Valicert Enterprise Validation Authority 3.5
Valicert Enterprise Validation Authority 3.4
Valicert Enterprise Validation Authority 3.9
Valicert Enterprise Validation Authority 3.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »