Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
on-premise vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-9436
Absolute path traversal vulnerability in SysAid On-Premise prior to 14.4.2 allows remote malicious users to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.
Sysaid Sysaid
1 EDB exploit
7.5
CVSSv2
CVE-2022-1360
The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote malicious user to change server configuration settings.
Cambiumnetworks Cnmaestro 2.4.2
Cambiumnetworks Cnmaestro 3.0.0
Cambiumnetworks Cnmaestro 3.0.3
3.5
CVSSv2
CVE-2020-28722
Deskpro Cloud Platform and on-premise 2020.2.3.48207 from 2020-07-30 contains a cross-site scripting (XSS) vulnerability that can lead to an account takeover via custom email templates.
Deskpro Deskpro
5
CVSSv2
CVE-2020-14255
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations.
Hcltech Digital Experience 9.5
5
CVSSv2
CVE-2021-1630
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.
Salesforce Mule
NA
CVE-2021-29913
IBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 207898.
Ibm Security Verify Privilege On-premises
4
CVSSv2
CVE-2014-8372
AirWatch by VMware On-Premise 7.3.x prior to 7.3.3.0 (FP3) allows remote authenticated users to obtain the organizational information and statistics from arbitrary tenants via vectors involving a direct object reference.
Vmware Airwatch 7.3.0.0
Vmware Airwatch
3.5
CVSSv2
CVE-2021-36696
Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input validation.
Deskpro Deskpro 2021.1.6
3.5
CVSSv2
CVE-2021-36695
Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input validation.
Deskpro Deskpro 2021.1.6
7.8
CVSSv2
CVE-2021-34415
The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash.
Zoom Meeting Connector
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »