Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ignite vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-24601
In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an malicious user to execute an arbitrary malicious URL via the vulnerable POST parameter searchName", "alias" in the import certificate trusted page
Igniterealtime Openfire 4.5.1
NA
CVE-2024-35283
A vulnerability in the Ignite component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.
668
VMScore
CVE-2000-0159
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an malicious user to gain privileges.
Hp Hp-ux 11.00
356
VMScore
CVE-2009-1596
Ignite Realtime Openfire prior to 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet.
Igniterealtime Openfire
668
VMScore
CVE-2014-9757
The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo prior to 5.9.9 and 5.10.x prior to 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.
Atlassian Bamboo 5.9.7
Atlassian Bamboo 5.9.4
Atlassian Bamboo 5.8
Atlassian Bamboo 5.7.2
Atlassian Bamboo 5.4.2
Atlassian Bamboo 5.4.1
Atlassian Bamboo 5.1
Atlassian Bamboo 5.0.1
Atlassian Bamboo 5.0
Atlassian Bamboo 4.4.5
Atlassian Bamboo 4.4.4
Atlassian Bamboo 4.3.2
Atlassian Bamboo 4.3.1
Atlassian Bamboo 4.0
Atlassian Bamboo 3.4.5
Atlassian Bamboo 3.3.3
Atlassian Bamboo 3.3.2
Atlassian Bamboo 3.3
Atlassian Bamboo 3.0.3
Atlassian Bamboo 2.7
Atlassian Bamboo 2.6.3
Atlassian Bamboo 2.5.1
445
VMScore
CVE-2018-9159
In Spark prior to 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.
Sparkjava Spark
320
VMScore
CVE-2020-24692
The Ignite portal in Mitel MiContact Center Business prior to 9.3.0.0 could allow an malicious user to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an malicious user to gain access to a user session.
Mitel Micontact Center Business
694
VMScore
CVE-2014-2741
nio/XMLLightweightParser.java in Ignite Realtime Openfire prior to 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb&...
Igniterealtime Openfire
435
VMScore
CVE-2015-6972
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/client...
Igniterealtime Openfire 3.10.2
1 EDB exploit
570
VMScore
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Hp Hp-ux 11.11
Hp Hp-ux 11.22
Hp Hp-ux 11.00
Hp Hp-ux 11.23
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »