Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-28741
aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion (LFI) vulnerability that occurs due to missing input validation in v5.x
Aenrich A\\+hrd
5.4
CVSSv2
CVE-2014-7767
The A+ (aka cn.xrzcm) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Yunlai A\\+ 1.0.1
NA
CVE-2022-28742
aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an malicious user to gain unauthenticated access to sensitive functionalities...
Aenrich A\\+hrd
NA
CVE-2022-28740
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor.
Aenrich A\\+hrd
10
CVSSv2
CVE-1999-0943
Buffer overflow in OpenLink 3.2 allows remote malicious users to gain privileges via a long GET request to the web configurator.
Openlink Openlink A
1 EDB exploit
7.1
CVSSv2
CVE-2015-6415
Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote malicious users to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757.
Cisco Unified Computing System 2.2\\(3f\\)a
5
CVSSv2
CVE-2015-6355
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote malicious users to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226.
Cisco Unified Computing System 2.2\\(5b\\)a
NA
CVE-2022-2240
The Request a Quote WordPress plugin up to and including 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it
Emarketdesign Request A Quote
6.4
CVSSv2
CVE-2016-1178
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to obtain or modify sensitive data via unspecified vectors.
Appleple A-blog Cms
4.3
CVSSv2
CVE-2016-1179
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Appleple A-blog Cms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »