Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-44035
Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files.
Wolterskluwer Teammate Audit Management 12.4
3
CVSSv3
CVE-2024-20910
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database...
Oracle Audit Vault And Database Firewall
2.7
CVSSv3
CVE-2024-20912
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database F...
Oracle Audit Vault And Database Firewall
7.6
CVSSv3
CVE-2024-20924
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database...
Oracle Audit Vault And Database Firewall
NA
CVE-2005-4536
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Debian Libmail-audit-perl 2.1-5
5.3
CVSSv3
CVE-2018-8719
An issue exists in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for malicious users to possibly find sensitive information.
Wpsecurityauditlog Wp Security Audit Log 3.1.1
1 EDB exploit
NA
CVE-2014-9736
GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database...
Gehealthcare Centricity Clinical Archive Audit Trail Repository
NA
CVE-2010-3125
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx ...
Wolterskluwer Teammate Audit Management Software Suite 8.0
1 EDB exploit
8.1
CVSSv3
CVE-2020-10650
A deserialization flaw exists in jackson-databind up to and including 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory,...
Fasterxml Jackson-databind
Oracle Retail Merchandising System 15.0
Oracle Retail Sales Audit 14.1
9.8
CVSSv3
CVE-2020-25848
HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.
Hgiga Msr45 Isherlock-antispam
Hgiga Msr45 Isherlock-audit
Hgiga Msr45 Isherlock-base
Hgiga Msr45 Isherlock-user
Hgiga Msr45 Isherlock-useradmin
Hgiga Ssr45 Isherlock-antispam
Hgiga Ssr45 Isherlock-audit
Hgiga Ssr45 Isherlock-base
Hgiga Ssr45 Isherlock-user
Hgiga Ssr45 Isherlock-useradmin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »