Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
julien ahrens vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22620
An issue exists in SecurePoint UTM prior to 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrat...
Securepoint Unified Threat Management
1 Github repository
NA
CVE-2023-226202023
SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.
NA
CVE-2023-22897
An issue exists in SecurePoint UTM prior to 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obta...
Securepoint Unified Threat Management
NA
CVE-2023-228972023
SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.
4.3
CVSSv2
CVE-2021-42063
A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized malicious users to conduct XSS attacks, which might lead to disclose sensitive data.
Sap Knowledge Warehouse 7.31
Sap Knowledge Warehouse 7.40
Sap Knowledge Warehouse 7.50
Sap Knowledge Warehouse 7.30
2 Github repositories
NA
CVE-2023-226202
SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint.
NA
CVE-2023-228972
SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint.
6.8
CVSSv2
CVE-2012-5002
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote malicious users to execute arbitrary code via a long USER FTP command.
Ricoh Dl-10 4.5.0.1
Ricoh Sr10 Ftp Server 1.1.0.6
2 EDB exploits
NA
CVE-2019-116042
Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.
NA
CVE-2019-116042019
Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »