Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
events manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0614
The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.4.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator...
5.8
CVSSv2
CVE-2021-20322
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomizat...
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Fas Baseboard Management Controller Firmware -
Netapp Aff Baseboard Management Controller Firmware -
Netapp Aff A700s Firmware -
Netapp H700s Firmware -
Netapp H700e Firmware -
Netapp H500s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp Hci Compute Node Firmware -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Article
NA
CVE-2024-30403
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent malicious user to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happen...
6.5
CVSSv2
CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to exe...
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3
4.3
CVSSv2
CVE-2020-7744
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachme...
Mintegral Mintegraladsdk -
4.3
CVSSv2
CVE-2018-20677
In Bootstrap prior to 3.4.0, XSS is possible in the affix configuration target property.
Getbootstrap Bootstrap
1 Github repository
4.3
CVSSv2
CVE-2018-20676
In Bootstrap prior to 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Getbootstrap Bootstrap
6.5
CVSSv2
CVE-2012-2415
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x prior to 1.6.2.24, 1.8.x prior to 1.8.11.1, and 10.x prior to 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact v...
Asterisk Open Source 1.6.2.0
Asterisk Open Source 1.6.2.1
Asterisk Open Source 1.6.2.6
Asterisk Open Source 1.6.2.7
Asterisk Open Source 1.6.2.9
Asterisk Open Source 1.6.2.12
Asterisk Open Source 1.6.2.16
Asterisk Open Source 1.6.2.16.1
Asterisk Open Source 1.6.2.17.2
Asterisk Open Source 1.6.2.17.3
Asterisk Open Source 1.6.2.20
Asterisk Open Source 1.6.2.21
Asterisk Open Source 1.6.2.2
Asterisk Open Source 1.6.2.11
Asterisk Open Source 1.6.2.15
Asterisk Open Source 1.6.2.15.1
Asterisk Open Source 1.6.2.17
Asterisk Open Source 1.6.2.17.1
Asterisk Open Source 1.6.2.19
Asterisk Open Source 1.6.2.3
Asterisk Open Source 1.6.2.10
Asterisk Open Source 1.6.2.13
4.3
CVSSv2
CVE-2020-11022
In jQuery versions greater than or equal to 1.2 and prior to 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuer...
Jquery Jquery
Drupal Drupal
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Weblogic Server 12.1.3.0.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Weblogic Server 10.3.6.0.0
Oracle Communications Webrtc Session Controller 7.2
Oracle Weblogic Server 12.2.1.3.0
Oracle Agile Product Lifecycle Management For Process 6.2.0.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Returns Management 14.0
Oracle Retail Returns Management 14.1
Oracle Jdeveloper 12.2.1.3.0
Oracle Policy Automation Connector For Siebel 10.4.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
12 Github repositories
4.3
CVSSv2
CVE-2016-10735
In Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Getbootstrap Bootstrap 4.0.0
Getbootstrap Bootstrap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »