Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application policy infrastructure controller vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-7850
ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
Ntp Ntp 4.2.8
Ntp Ntp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
6.5
CVSSv3
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Ntp Ntp 4.2.8
Ntp Ntp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
1 EDB exploit
6.5
CVSSv3
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp 4.2.8
Ntp Ntp
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd 10.2
Freebsd Freebsd 10.1
Freebsd Freebsd
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
6.5
CVSSv3
CVE-2016-6457
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9...
Cisco Application Policy Infrastructure Controller 1.2(3)
Cisco Application Policy Infrastructure Controller 1.2(2)
Cisco Application Policy Infrastructure Controller 1.3(2)
Cisco Application Policy Infrastructure Controller 2.0(1)
Cisco Application Policy Infrastructure Controller 1.3(1)
Cisco Nx-os 11.2(2g)
Cisco Nx-os 11.2(2h)
Cisco Nx-os 11.2(2i)
Cisco Nx-os 11.2(3c)
Cisco Nx-os 11.2(3e)
Cisco Nx-os 11.2(3h)
Cisco Nx-os 11.3(1i)
Cisco Nx-os 11.3(2f)
Cisco Nx-os 11.3(2h)
Cisco Nx-os 11.3(2i)
Cisco Nx-os 12.0(1m)
Cisco Nx-os 12.0(1n)
Cisco Nx-os 12.0(1o)
Cisco Nx-os 12.0(1p)
Cisco Nx-os 12.0(1q)
6.2
CVSSv3
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
Ntp Ntp 4.3.6
Ntp Ntp 4.3.2
6.1
CVSSv3
CVE-2016-1318
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCux15489.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
6.1
CVSSv3
CVE-2016-1305
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
6.1
CVSSv3
CVE-2015-6337
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0 Ga
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0.10
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
74 Github repositories
5 Articles
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »