Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40726
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an malicious user to directly access the database.
Siemens Qms Automotive
NA
CVE-2023-40309
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could a...
Sap Netweaver Application Server Abap Kernel 7.53
Sap Netweaver Application Server Abap Kernel 7.77
Sap Web Dispatcher 7.53
Sap Web Dispatcher 7.77
Sap Web Dispatcher 7.22ext
Sap Content Server 7.53
Sap Web Dispatcher 7.85
Sap Netweaver Application Server Abap Kernel 7.22
Sap Netweaver Application Server Abap Kernel 8.04
Sap Netweaver Application Server Abap 7.22ext
Sap Netweaver Application Server Abap Kernel 7.85
Sap Web Dispatcher 7.89
Sap Web Dispatcher 7.54
Sap Netweaver Application Server Abap Kernel 7.89
Sap Netweaver Application Server Abap Kernel 7.54
Sap Netweaver Application Server Abap Kernel 7.92
Sap Netweaver Application Server Abap Kernel 7.93
Sap Content Server 6.50
Sap Content Server 7.54
Sap Hana Database 2.0
Sap Host Agent 722
Sap Extended Application Services And Runtime 1.0
NA
CVE-2023-40308
SAP CommonCryptoLib allows an unauthenticated malicious user to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any ...
Sap Netweaver Application Server Abap Kernel 7.53
Sap Netweaver Application Server Abap Kernel 7.77
Sap Web Dispatcher 7.53
Sap Web Dispatcher 7.77
Sap Web Dispatcher 7.22ext
Sap Content Server 7.53
Sap Web Dispatcher 7.85
Sap Netweaver Application Server Abap Kernel 7.22
Sap Netweaver Application Server Abap Kernel 8.04
Sap Netweaver Application Server Abap 7.22ext
Sap Netweaver Application Server Abap Kernel 7.85
Sap Web Dispatcher 7.89
Sap Web Dispatcher 7.54
Sap Netweaver Application Server Abap Kernel 7.89
Sap Netweaver Application Server Abap Kernel 7.54
Sap Netweaver Application Server Abap Kernel 7.92
Sap Netweaver Application Server Abap Kernel 7.93
Sap Content Server 6.50
Sap Content Server 7.54
Sap Hana Database 2.0
Sap Host Agent 722
Sap Extended Application Services And Runtime 1.0
NA
CVE-2023-20269
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to conduct a brute force attack in an attempt to identify valid username an...
Cisco Adaptive Security Appliance Software 9.16.1
Cisco Adaptive Security Appliance Software 7.0.3
Cisco Adaptive Security Appliance Software 7.0.4
Cisco Adaptive Security Appliance Software 7.0.1
Cisco Adaptive Security Appliance Software 7.0.2
Cisco Adaptive Security Appliance Software 7.0.6
Cisco Adaptive Security Appliance Software 7.0.5
Cisco Adaptive Security Appliance Software 7.2.3
Cisco Adaptive Security Appliance Software 7.2.2
Cisco Adaptive Security Appliance Software 7.2.4
Cisco Adaptive Security Appliance Software 7.2.5
Cisco Adaptive Security Appliance Software 7.2.1
Cisco Adaptive Security Appliance Software 9.8.2
Cisco Adaptive Security Appliance Software 9.8.3.18
Cisco Adaptive Security Appliance Software 9.8.3.26
Cisco Adaptive Security Appliance Software 9.12.2
Cisco Adaptive Security Appliance Software 9.8.2.24
Cisco Adaptive Security Appliance Software 9.8.3.16
Cisco Adaptive Security Appliance Software 9.8.4.29
Cisco Adaptive Security Appliance Software 9.12.2.5
Cisco Adaptive Security Appliance Software 9.12.4.4
Cisco Adaptive Security Appliance Software 9.8.2.20
1 Github repository
4 Articles
NA
CVE-2023-4588
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, chang...
Delinea Secret Server 11.4.000002
Delinea Secret Server 10.9.000002
NA
CVE-2023-25848
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single attribu...
Esri Arcgis Server
NA
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an malicious user to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verif...
Keylime Keylime
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Enterprise Linux For Power Little Endian 9.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems Eus 9.2 S390x
Redhat Enterprise Linux For Ibm Z Systems 9.0 S390x
Fedoraproject Fedora 38
NA
CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to...
Cyberpower Powerpanel Server
Dataprobe Iboot-pdu4a-c10 Firmware
Dataprobe Iboot-pdu4a-c20 Firmware
Dataprobe Iboot-pdu4a-n15 Firmware
Dataprobe Iboot-pdu4a-n20 Firmware
Dataprobe Iboot-pdu4-c20 Firmware
Dataprobe Iboot-pdu4-n20 Firmware
Dataprobe Iboot-pdu4sa-c10 Firmware
Dataprobe Iboot-pdu4sa-c20 Firmware
Dataprobe Iboot-pdu4sa-n15 Firmware
Dataprobe Iboot-pdu4sa-n20 Firmware
Dataprobe Iboot-pdu8a-2c10 Firmware
Dataprobe Iboot-pdu8a-2c20 Firmware
Dataprobe Iboot-pdu8a-2n15 Firmware
Dataprobe Iboot-pdu8a-2n20 Firmware
Dataprobe Iboot-pdu8a-c10 Firmware
Dataprobe Iboot-pdu8a-c20 Firmware
Dataprobe Iboot-pdu8a-n15 Firmware
Dataprobe Iboot-pdu8a-n20 Firmware
Dataprobe Iboot-pdu8sa-2n15 Firmware
Dataprobe Iboot-pdu8sa-c10 Firmware
Dataprobe Iboot-pdu8sa-n15 Firmware
NA
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-39954
user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, an attacker that obtained at least read access to a snapshot of the database can impersonate the Nextcloud server towards linked se...
Nextcloud User Oidc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »