Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
se vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1827
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote malicious users to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Yabb Yabb 1 Gold - Sp 1.3
Simple Machines Simple Machines Smf 1.0 B
Yabb Yabb 1.5.1
1 EDB exploit
NA
CVE-2009-1671
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote malicious users to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalP...
Sun Jre 6
1 EDB exploit
NA
CVE-2009-1672
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote malicious users to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote malicious users to la...
Sun Jre 6
1 EDB exploit
NA
CVE-2014-2143
The IKE implementation in Cisco IOS 15.4(1)T and previous versions and IOS XE allows remote malicious users to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.
Cisco Ios 15.3s
Cisco Ios 15.4
Cisco Ios Xe -
Cisco Ios
Cisco Ios 15.0\\(1\\)se
Cisco Ios 15.3\\(3\\)m
Cisco Ios 15.3\\(3\\)m2
Cisco Ios 15.1
Cisco Ios 15.2
Cisco Ios 15.3
Cisco Ios 15.3\\(2\\)s
Cisco Ios 15.0
Cisco Ios 15.3\\(3\\)m1
Cisco Ios 15.3\\(3\\)s
7.5
CVSSv3
CVE-2016-1349
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 up to and including 3.7 allows remote malicious users to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
Cisco Ios Xe 3.3se 3.3.3se
Cisco Ios Xe 3.3se 3.3.2se
Cisco Ios Xe 3.4sg 3.4.3sg
Cisco Ios Xe 3.3xo 3.3.2xo
Cisco Ios Xe 3.7e 3.7.1e
Cisco Ios Xe 3.6e 3.6.2ae
Cisco Ios Xe 3.6e 3.6.1e
Cisco Ios Xe 3.6e 3.6.0e
Cisco Ios Xe 3.5e 3.5.3e
Cisco Ios Xe 3.3xo 3.3.1xo
Cisco Ios Xe 3.5e 3.5.0e
Cisco Ios Xe 3.2se 3.2.1se
Cisco Ios Xe 3.3xo 3.3.0xo
Cisco Ios 12.2\\\\\\(60\\\\\\)ez8
Cisco Ios 12.2\\\\\\(60\\\\\\)ez7
Cisco Ios 15.2\\\\\\(3\\\\\\)e1
Cisco Ios 12.2\\\\\\(60\\\\\\)ez5
Cisco Ios 12.2\\\\\\(60\\\\\\)ez4
Cisco Ios 15.0\\\\\\(2\\\\\\)ej1
Cisco Ios 15.2\\\\\\(1\\\\\\)e1
Cisco Ios 15.0\\\\\\(2\\\\\\)ex4
Cisco Ios 15.0\\\\\\(2\\\\\\)se5
8.6
CVSSv3
CVE-2021-21349
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to request data from internal resources that are not publicly available only by manipulating the processed inpu...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
1 Github repository
6.1
CVSSv3
CVE-2018-19769
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter.
Infovista Vistaportal 5.1
6.1
CVSSv3
CVE-2018-19809
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupCopy.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.
Infovista Vistaportal 5.1
6.1
CVSSv3
CVE-2018-19649
XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter.
Infovista Vistaportal 5.1
6.1
CVSSv3
CVE-2018-19765
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.
Infovista Vistaportal 5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »