Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
health vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-47161
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions.
Wordpress Health Check \\& Troubleshooting
NA
CVE-2014-6717
The iTriage Health (aka com.healthagen.iTriage) application 5.29 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Itriagehealth Itriage Health 5.29
7.3
CVSSv3
CVE-2018-19113
The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in prior to 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local use...
Pronestor Pronestor Health Monitoring
1 EDB exploit
4.8
CVSSv3
CVE-2022-2887
The WP Server Health Stats WordPress plugin prior to 1.7.0 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Acnam Wp Server Health Stats
4.3
CVSSv3
CVE-2020-2094
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and previous versions allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient.
Jenkins Health Advisor By Cloudbees
8.8
CVSSv3
CVE-2020-2093
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and previous versions allows malicious users to send an email with fixed content to an attacker-specified recipient.
Jenkins Health Advisor By Cloudbees
NA
CVE-2014-7760
The Health assistance service (aka net.nttcloud.ft.karada) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Goo Health Assistance Service 2.4.1
NA
CVE-2014-7562
The Health Advocate SmartHelp (aka com.healthadvocate.ui) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Healthadvocate Health Advocate Smarthelp 3.6
NA
CVE-2015-2579
Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer.
Oracle Health Sciences Applications 8.0
1 Github repository
4.3
CVSSv3
CVE-2020-2258
Jenkins Health Advisor by CloudBees Plugin 3.2.0 and previous versions does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.
Jenkins Health Advisor By Cloudbees
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »