Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-15046
Zoho ManageEngine ServiceDesk Plus 10 prior to 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.
Zohocorp Manageengine Servicedesk Plus
NA
CVE-2013-4670
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
9.8
CVSSv3
CVE-2022-26479
An issue exists in Poly EagleEye Director II prior to 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication.
Poly Eagleeye Director Ii Firmware
7.2
CVSSv3
CVE-2022-26482
An issue exists in Poly EagleEye Director II prior to 2.2.2.1. os.system command injection can be achieved by an admin.
Poly Eagleeye Director Ii Firmware
9.8
CVSSv3
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
7.5
CVSSv3
CVE-2017-9281
An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
Microfocus Visibroker 8.5
9.8
CVSSv3
CVE-2017-9282
An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
Microfocus Visibroker 8.5
9.8
CVSSv3
CVE-2017-9283
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
Microfocus Visibroker 8.5
6.1
CVSSv3
CVE-2018-14037
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote malicious users to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses ...
Progress Kendo Ui 2018.1.221
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »