Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
session vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12148
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into...
Sangoma Session Border Controller Firmware 2.3.23-119-ga
9.8
CVSSv3
CVE-2019-12147
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that ...
Sangoma Session Border Controller Firmware 2.3.23-119-ga
6.1
CVSSv3
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
Broadcom Brocade Fabric Operating System -
Oracle Sd-wan Aware 8.2
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
1 Github repository
9.8
CVSSv3
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentiall...
Gnu Glibc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Virtualization Host 4.0
Oracle Enterprise Communications Broker 3.0.0
Oracle Enterprise Communications Broker 3.1.0
Oracle Communications Session Border Controller 8.1.0
Oracle Communications Session Border Controller 8.2.0
Oracle Communications Session Border Controller 8.0.0
Netapp Data Ontap Edge -
Netapp Element Software Management -
6.5
CVSSv3
CVE-2016-1467
Cisco Videoscape Session Resource Manager (VSRM) allows remote malicious users to cause a denial of service (device restart) by sending a traffic flood to upstream devices, aka Bug ID CSCva01813.
Cisco Videoscape Session Resource Manager -
9.8
CVSSv3
CVE-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/doc...
Apache Activemq 5.15.12
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
1 Github repository
NA
CVE-2008-0530
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote malicious users to execute arbitrary code via a crafted DNS response.
Cisco Skinny Client Control Protocol (sccp) Firmware
Cisco Session Initiation Protocol (sip) Firmware
NA
CVE-2008-0526
Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote malicious users to cause a denial of service (reboot) via a long ICMP echo request (ping) packet.
Cisco Skinny Client Control Protocol (sccp) Firmware
Cisco Session Initiation Protocol (sip) Firmware
NA
CVE-2008-0527
The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote malicious users to cause a denial of service (reboot) via a crafted HTTP request.
Cisco Skinny Client Control Protocol (sccp) Firmware
Cisco Session Initiation Protocol (sip) Firmware
NA
CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote malicious users to execute arbitrary code via a SIP message with crafted MIME data.
Cisco Skinny Client Control Protocol (sccp) Firmware
Cisco Session Initiation Protocol (sip) Firmware
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »