Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ignite vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv2
CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
Hp Dynrootdisk A.1.0.16.417
Hp Dynrootdisk A.2.0.0.592
Hp Dynrootdisk A.1.0.18.245
Hp Dynrootdisk A.1.1.0.344
Hp Hp-ux 11.23
Hp Hp-ux 11.31
Hp Hp-ux 11.11
Hp Ignite-ux C.7.1.92
Hp Ignite-ux C.7.2.93
Hp Ignite-ux C.7.3.144
Hp Ignite-ux C.7.0.212
7.5
CVSSv2
CVE-2007-2975
The admin console in Ignite Realtime Openfire 3.3.0 and previous versions (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote malicious users to gain privileges and execute arbitrary code by accessing functionality that is exposed throug...
Ignite Realtime Openfire 3.2.1
Ignite Realtime Openfire 3.1.1
Ignite Realtime Openfire 3.0.1
Ignite Realtime Openfire
Ignite Realtime Openfire 3.2.4
Ignite Realtime Openfire 3.2.3
Ignite Realtime Openfire 3.2.2
Ignite Realtime Openfire 3.0.0
Ignite Realtime Openfire 2.6.2
Ignite Realtime Openfire 2.6.1
Ignite Realtime Openfire 2.6.0
Ignite Realtime Openfire 3.2.0
Ignite Realtime Openfire 3.1.0
4.3
CVSSv2
CVE-2006-7233
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions prior to 3.5.3, allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Ignite Realtime Openfire 2.6.0
Ignite Realtime Openfire
10
CVSSv2
CVE-2006-5151
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote malicious users to "gain root access" via unspecified vectors.
Hp Hp-ux 11.11
Hp Hp-ux 11.23
Hp Hp-ux 11.00
4.3
CVSSv2
CVE-2005-4876
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.2.2, and possibly other versions prior to 2.3.0 Beta 2, allows remote malicious users to inject arbitrary web script or HTML via the username parameter, a...
Ignite Realtime Openfire 2.2.2
4.3
CVSSv2
CVE-2005-4877
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.3.0 Beta 2 allows remote malicious users to inject arbitrary web script or HTML via Javascript events in the username parameter, a different vulnerability...
Ignite Realtime Openfire 2.3.0
6.4
CVSSv2
CVE-2004-0952
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote malicious users to modify data or cause disk consumption.
Hp Hp-ux 11.11
Hp Hp-ux 11.22
Hp Hp-ux 11.00
Hp Hp-ux 11.23
7.5
CVSSv2
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
7.5
CVSSv2
CVE-2000-0159
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an malicious user to gain privileges.
Hp Hp-ux 11.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6