Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
on-premise vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2022-22783
A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker.
Zoom Zoom On-premise Meeting Connector Controller 4.8.102.20220310
Zoom Zoom On-premise Meeting Connector Mmr 4.8.102.20220310
383
VMScore
CVE-2022-24799
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receive...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
445
VMScore
CVE-2021-41119
Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a...
Wire Wire-server
578
VMScore
CVE-2022-25267
Passwork On-Premise Edition prior to 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).
Passwork Passwork
605
VMScore
CVE-2022-25268
Passwork On-Premise Edition prior to 4.6.13 allows CSRF via the groups, password, and history subsystems.
Passwork Passwork
356
VMScore
CVE-2022-25266
Passwork On-Premise Edition prior to 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).
Passwork Passwork
383
VMScore
CVE-2022-25269
Passwork On-Premise Edition prior to 4.6.13 has multiple XSS issues.
Passwork Passwork
455
VMScore
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without S...
Wire Wire-server
188
VMScore
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions prior to 2022-01-27-production.0 ephemeral messages and assets might ...
Wire Wire-webapp 2016-07-29-17-00
Wire Wire-webapp 2016-08-04-15-44
Wire Wire-webapp 2016-08-23-09-31
Wire Wire-webapp 2016-08-24-10-10
Wire Wire-webapp 2016-08-29-14-54
Wire Wire-webapp 2016-09-08-15-38
Wire Wire-webapp 2016-09-19-14-01
Wire Wire-webapp 2016-09-28-14-58
Wire Wire-webapp 2016-10-11-15-34
Wire Wire-webapp 2016-10-18-08-10
Wire Wire-webapp 2016-10-25-08-17
Wire Wire-webapp 2016-10-26-18-58
Wire Wire-webapp 2016-11-03-16-09
Wire Wire-webapp 2016-11-08-15-06
Wire Wire-webapp 2016-12-01-12-57
Wire Wire-webapp 2016-12-13-15-12
Wire Wire-webapp 2017-01-23-12-12
Wire Wire-webapp 2017-02-01-14-49
Wire Wire-webapp 2017-02-17-10-10
Wire Wire-webapp 2017-02-24-13-06
Wire Wire-webapp 2017-03-08-17-32
Wire Wire-webapp 2017-03-14-15-05
188
VMScore
CVE-2022-21388
Vulnerability in the Oracle Communications Pricing Design Center product of Oracle Communications Applications (component: On Premise Install). Supported versions that are affected are 12.0.0.3.0 and 12.0.0.4.0. Easily exploitable vulnerability allows low privileged attacker with...
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »