Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2013-2773
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution
Gonitro Nitropdf 8.5.0.26
4
CVSSv2
CVE-2015-5718
Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway prior to 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi.
Websense Content Gateway 8.0.0
NA
CVE-2014-40232014
F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability.
5.5
CVSSv2
CVE-2015-2655
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Database Server
NA
CVE-2022-26088
An issue exists in BMC Remedy prior to 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of rec...
Bmc Remedy It Service Management Suite 20.02
3.5
CVSSv2
CVE-2014-2512
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Emc Documentum Eroom 7.4.4
Emc Documentum Eroom 7.4.3
7.5
CVSSv2
CVE-2022-27668
Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated malicious user to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, ...
Sap Netweaver As Abap Kernel 7.49
Sap Netweaver As Abap Kernel 7.77
Sap Netweaver As Abap Kernel 7.81
Sap Netweaver As Abap Krnl64uc 7.49
Sap Netweaver As Abap Krnl64nuc 7.49
Sap Router 7.22
Sap Router 7.53
Sap Netweaver As Abap Kernel 7.85
Sap Netweaver As Abap Kernel 7.86
Sap Netweaver As Abap Kernel 7.87
Sap Netweaver As Abap Kernel 7.88
NA
CVE-2022-45129
Payara prior to 2022-11-04, when deployed to the root context, allows malicious users to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community prior to 4.1.2.191.38, 5.x prior to 5.2022.4, and 6.x prior to 6.2022.1, and ...
Payara Payara
5
CVSSv2
CVE-2019-19228
Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allow malicious users to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
6.5
CVSSv2
CVE-2021-22708
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »