Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weak vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-3389
A vulnerability in the installation component of Cisco Hyperflex HX-Series Software could allow an authenticated, local malicious user to retrieve the password that was configured at installation on an affected device. The vulnerability exists because sensitive information is sto...
Cisco Hyperflex Hx-series Software 4.0(2a)
4.6
CVSSv2
CVE-2017-13091
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods a...
- - -
4.6
CVSSv2
CVE-2017-13097
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the ...
- - -
2.1
CVSSv2
CVE-2000-0559
eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.
Broadcom Etrust Intrusion Detection
1 EDB exploit
7.5
CVSSv2
CVE-2004-0390
SCO OpenServer 5.0.5 up to and including 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote malicious users to gain unauthorized access to an X session via other X login methods.
Sco Openserver 5.0.7
Sco Openserver 5.0.5
Sco Openserver 5.0.6
1 EDB exploit
3.5
CVSSv2
CVE-2017-17745
Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote malicious users to submit arbitrary java script via the 'sysName' parameter.
Tp-link Tl-sg108e Firmware 1.0.0
7.7
CVSSv2
CVE-2017-17746
Weak access control methods on the TP-Link TL-SG108E 1.0.0 allow any user on a NAT network with an authenticated administrator to access the device without entering user credentials. The authentication record is stored on the device; thus if an administrator authenticates from a ...
Tp-link Tl-sg108e Firmware 1.0.0
1 Github repository
2.7
CVSSv2
CVE-2017-17747
Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote malicious users to call the logout functionality, triggering a denial of service condition.
Tp-link Tl-sg108e Firmware 1.0.0
4.6
CVSSv2
CVE-2017-13092
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed...
- - -
4.6
CVSSv2
CVE-2017-13093
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the m...
- - -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »