Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storm vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-40865
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. ...
Apache Storm
1 Github repository
668
VMScore
CVE-2018-11779
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.
Apache Storm
668
VMScore
CVE-2005-4437
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote malicious users to sniff message hashes and (1) replay EI...
Extended Interior Gateway Routing Protocol Extended Interior Gateway Routing Protocol 1.2
668
VMScore
CVE-2002-1788
Format string vulnerability in the nn_exitmsg function in nn 6.6.0 up to and including 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
Kim Storm Nn 6.6.3
Kim Storm Nn 6.6.0
Kim Storm Nn 6.6.2
Kim Storm Nn 6.6.1
641
VMScore
CVE-2019-12777
An issue exists on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They replace secure and protected directory permissions (set as default by the underlying operating system) with highly insecure read, write, and execute d...
Enttec Datagate Mk2 Firmware 70044
Enttec Storm 24 Firmware 70044
Enttec Pixelator Firmware 70044
Enttec E-streamer Mk2 Firmware 70044
641
VMScore
CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share.
Gravity Storm Software Service Pack Manager 2000 6.0
Gravity Storm Software Service Pack Manager 2000 6.3
Gravity Storm Software Service Pack Manager 2000 6.1
632
VMScore
CVE-2007-4011
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software prior to 3.2 20070727, 4.0 prior to 20070727, and 4.1 prior to 4.1.180.0 allows remote malicious users to cause a denial of service (traffic amplification or ARP storm) via a cr...
Cisco Wireless Lan Controller Software 3.2.116.21
Cisco Wireless Lan Controller Software 4.0
Cisco Wireless Lan Controller Software 4.0.155.0
Cisco Wireless Lan Controller Software 4.1
Cisco Wireless Lan Controller Software 3.2
632
VMScore
CVE-2007-4012
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 prior to 4.1.180.0 allows remote malicious users to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client cont...
Cisco Wireless Lan Controller Software 4.1
Cisco Wireless Lan Controller Software 4.0
Cisco Wireless Lan Controller Software 4.0.155.0
Cisco Wireless Lan Controller Software 3.2
Cisco Wireless Lan Controller Software 3.2.116.21
585
VMScore
CVE-2014-2017
CRLF injection vulnerability in OXID eShop Professional Edition prior to 4.7.11 and 4.8.x prior to 4.8.4, Enterprise Edition prior to 5.0.11 and 5.1.x prior to 5.1.4, and Community Edition prior to 4.7.11 and 4.8.x prior to 4.8.4 allows remote malicious users to inject arbitrary ...
Oxidforge Eshop
1 EDB exploit
578
VMScore
CVE-2018-1331
In Apache Storm 0.10.0 up to and including 0.10.2, 1.0.0 up to and including 1.0.6, 1.1.0 up to and including 1.1.2, and 1.2.0 up to and including 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user.
Apache Storm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »