Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-2225
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
578
VMScore
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Yaml Axis
578
VMScore
CVE-2020-4294
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 176404.
Ibm Qradar Security Information And Event Manager 7.3.3
Ibm Qradar Security Information And Event Manager
546
VMScore
CVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
490
VMScore
CVE-2019-0283
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be ac...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.50
383
VMScore
CVE-2018-19334
Google Monorail prior to 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug report...
Google Monorail
384
VMScore
CVE-2018-8032
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Apache Axis
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
445
VMScore
CVE-2018-10658
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
445
VMScore
CVE-2018-10659
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote malicious users to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
1000
VMScore
CVE-2018-10660
An issue exists in multiple models of Axis IP Cameras. There is Shell Command Injection.
Axis A1001 Firmware
Axis A8004-v Firmware
Axis A8105-e Firmware
Axis A9161 Firmware
Axis A9188 Firmware
Axis A9188-v Firmware
Axis C1004-e Firmware
Axis C2005 Firmware
Axis C3003-e Firmware
Axis C8033 Firmware
Axis Companion Bullet Le Firmware
Axis Companion C360 Firmware
Axis Companion Cube L Firmware
Axis Companion Cube Lw Firmware
Axis Companion Dome V Firmware
Axis Companion Dome Wv Firmware
Axis Companion Eye L Firmware
Axis Companion Eye Lve Firmware
Axis Companion Recorder 4ch Firmware
Axis Companion Recorder 8ch Firmware
Axis D2050-ve Firmware
Axis F34 Main Unit Firmware
1 EDB exploit
2 Github repositories
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »