Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-2224
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
8.8
CVSSv3
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Yaml Axis
6.3
CVSSv3
CVE-2020-4294
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 176404.
Ibm Qradar Security Information And Event Manager 7.3.3
Ibm Qradar Security Information And Event Manager
7.5
CVSSv3
CVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
7.1
CVSSv3
CVE-2019-0283
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be ac...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.50
5.3
CVSSv3
CVE-2018-19334
Google Monorail prior to 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug report...
Google Monorail
6.1
CVSSv3
CVE-2018-8032
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Apache Axis
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
7.5
CVSSv3
CVE-2018-10658
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
7.5
CVSSv3
CVE-2018-10659
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote malicious users to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
9.8
CVSSv3
CVE-2018-10660
An issue exists in multiple models of Axis IP Cameras. There is Shell Command Injection.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
1 EDB exploit
2 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »