Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
on-premise vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-23166
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the L...
Sysaid Sysaid
7.5
CVSSv3
CVE-2022-22783
A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker.
Zoom Zoom On-premise Meeting Connector Controller 4.8.102.20220310
Zoom Zoom On-premise Meeting Connector Mmr 4.8.102.20220310
6.1
CVSSv3
CVE-2022-24799
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receive...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
7.5
CVSSv3
CVE-2021-41119
Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a...
Wire Wire-server
4.3
CVSSv3
CVE-2022-25266
Passwork On-Premise Edition prior to 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).
Passwork Passwork
8.8
CVSSv3
CVE-2022-25267
Passwork On-Premise Edition prior to 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).
Passwork Passwork
8.8
CVSSv3
CVE-2022-25268
Passwork On-Premise Edition prior to 4.6.13 allows CSRF via the groups, password, and history subsystems.
Passwork Passwork
6.1
CVSSv3
CVE-2022-25269
Passwork On-Premise Edition prior to 4.6.13 has multiple XSS issues.
Passwork Passwork
8.1
CVSSv3
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without S...
Wire Wire-server
2.3
CVSSv3
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions prior to 2022-01-27-production.0 ephemeral messages and assets might ...
Wire Wire-webapp 2016-07-29-17-00
Wire Wire-webapp 2016-08-04-15-44
Wire Wire-webapp 2016-08-23-09-31
Wire Wire-webapp 2016-08-24-10-10
Wire Wire-webapp 2016-08-29-14-54
Wire Wire-webapp 2016-09-08-15-38
Wire Wire-webapp 2016-09-19-14-01
Wire Wire-webapp 2016-09-28-14-58
Wire Wire-webapp 2016-10-11-15-34
Wire Wire-webapp 2016-10-18-08-10
Wire Wire-webapp 2016-10-25-08-17
Wire Wire-webapp 2016-10-26-18-58
Wire Wire-webapp 2016-11-03-16-09
Wire Wire-webapp 2016-11-08-15-06
Wire Wire-webapp 2016-12-01-12-57
Wire Wire-webapp 2016-12-13-15-12
Wire Wire-webapp 2017-01-23-12-12
Wire Wire-webapp 2017-02-01-14-49
Wire Wire-webapp 2017-02-17-10-10
Wire Wire-webapp 2017-02-24-13-06
Wire Wire-webapp 2017-03-08-17-32
Wire Wire-webapp 2017-03-14-15-05
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »