Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2636
TinyWeb 1.9 allows remote malicious users to read source code of scripts via "/./" in the URL.
1 EDB exploit
7.5
CVSSv2
CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote malicious users to bypass intended access restrictions.
Webwasher Webwasher Classic 2.2.1
Webwasher Webwasher Classic 3.3
1 EDB exploit
6.5
CVSSv2
CVE-2018-19359
GitLab Community and Enterprise Edition 8.9 and later and prior to 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
Gitlab Gitlab 11.5.0
Gitlab Gitlab
6.5
CVSSv2
CVE-2017-12251
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote malicious user to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to wea...
Cisco Cloud Services Platform 2100 2.1.0
Cisco Cloud Services Platform 2100 2.2.2
Cisco Cloud Services Platform 2100 2.1.1
Cisco Cloud Services Platform 2100 2.1.2
Cisco Cloud Services Platform 2100 2.2.0
Cisco Cloud Services Platform 2100 2.2.1
5
CVSSv2
CVE-2015-2073
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to read arbitrary files via a full pathname, aka SAP Note 2018682.
Sap Businessobjects Edge 4.0
5
CVSSv2
CVE-2015-2074
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to write to arbitrary files via a full pathname, aka SAP Note 2018681.
Sap Businessobjects Edge 4.0
6.5
CVSSv2
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
5
CVSSv2
CVE-2017-6629
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote malicious user to access files in arbitrary locations on the filesystem of an affected device. The issue is due to improper sanitization of user-supplied input in HTT...
Cisco Unity Connection 10.5\\(2\\)
2.1
CVSSv2
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
4
CVSSv2
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »