Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge management vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-8340
A cross-site scripting (XSS) vulnerability exists in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could allow Ja...
Lenovo Integrated Management Module 2
6.4
CVSSv2
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
10
CVSSv2
CVE-2016-4328
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) prior to 2015R1 has hardcoded credentials, which makes it easier for remote malicious users to obtain sensitive information via direct requests to the application database server.
Medhost Perioperative Information Management System -
1 Article
4.3
CVSSv2
CVE-2020-8339
A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the use...
Ibm Bladecenter Advanced Management Module Firmware
2.1
CVSSv2
CVE-2019-5489
The mincore() implementation in mm/mincore.c in the Linux kernel up to and including 4.19.13 allowed local malicious users to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the ou...
Linux Linux Kernel
Netapp Element Software Management Node -
Netapp Active Iq Performance Analytics Services -
1 Github repository
1 Article
10
CVSSv2
CVE-2018-1216
A hard-coded password vulnerability exists in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions b...
Dell Emc Vmax Embedded Management
Dell Emc Unisphere For Vmax Virtual Appliance
Dell Emc Solutions Enabler Virtual Appliance
Dell Emc Vasa Virtual Appliance
1 Article
4.3
CVSSv2
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
168 Github repositories
9
CVSSv2
CVE-2016-0635
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle...
Oracle Documaker
Oracle Insurance Policy Administration J2ee 10.2.2
Oracle Insurance Calculation Engine 10.2.2
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Insurance Calculation Engine 10.1.2
Oracle Insurance Rules Palette 10.1.2
Oracle Insurance Rules Palette 9.7.1
Oracle Insurance Policy Administration J2ee 9.7.1
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Insurance Rules Palette 10.2.2
Oracle Primavera P6 Enterprise Project Portfolio Management 8.2
Oracle Retail Order Broker Cloud Service 5.1
Oracle Insurance Rules Palette 10.0.1
Oracle Insurance Calculation Engine 9.7.1
Oracle Primavera P6 Enterprise Project Portfolio Management 8.3
Oracle Insurance Policy Administration J2ee 10.0.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Contract Management 14.2
Oracle Insurance Policy Administration J2ee 9.6.1
Oracle Health Sciences Information Manager 1.2.8.3
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Health Sciences Information Manager 3.0.1.0
3.6
CVSSv2
CVE-2021-27363
An issue exists in the Linux kernel up to and including 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged us...
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
9 Github repositories
5.4
CVSSv2
CVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »