Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
engine vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-1657
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. I...
Ibm Rational Publishing Engine 2.1.2
Ibm Rational Publishing Engine 6.0.5
Ibm Rational Publishing Engine 6.0.6
5
CVSSv2
CVE-2004-1805
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names.
Epic Games Unreal Engine 436
Epic Games Unreal Engine 226f
Epic Games Unreal Engine 433
1 EDB exploit
5
CVSSv2
CVE-2006-1505
base_maintenance.php in Basic Analysis and Security Engine (BASE) prior to 1.2.4 (melissa), when running in standalone mode, allows remote malicious users to bypass authentication, possibly by setting the standalone parameter to "yes".
Basic Analysis And Security Engine Base 1.1.2 Zora
Basic Analysis And Security Engine Base 1.1.3 Lynn
Basic Analysis And Security Engine Base 1.2 Betty
Basic Analysis And Security Engine Base 1.1.4 Cheryl
Basic Analysis And Security Engine Base 1.1 Elizabeth
Basic Analysis And Security Engine Base 1.2.1 Kris
Basic Analysis And Security Engine Base 1.2.2 Cindy
5
CVSSv2
CVE-2019-1020015
graphql-engine (aka Hasura GraphQL Engine) prior to 1.0.0-beta.3 mishandles the audience check while verifying JWT.
Hasura Graphql Engine
Hasura Graphql Engine 1.0.0
4.3
CVSSv2
CVE-2005-3966
Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Java Search Engine Java Search Engine 0.9.34
1 EDB exploit
5
CVSSv2
CVE-2009-0046
Sun GridEngine 5.3 and previous versions does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulne...
Sun Grid Engine 5.3
Sun Grid Engine
3.5
CVSSv2
CVE-2021-36911
Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Comment Engine Pro plugin (versions <= 1.0), could be exploited by users with Editor or higher role.
Comment Engine Pro Project Comment Engine Pro
7.5
CVSSv2
CVE-2007-2676
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote malicious users to execute arbitrary PHP code via a URL in the ote_home parameter.
Open Translation Engine Open Translation Engine 0.7.8
1 EDB exploit
5.5
CVSSv2
CVE-2020-3467
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access cont...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.4\\(0.357\\)
Cisco Identity Services Engine 2.4.0.357
Cisco Identity Services Engine 2.5
Cisco Identity Services Engine 2.6\\(0.156\\)
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.6.0.156
Cisco Identity Services Engine 2.7
Cisco Identity Services Engine 2.7\\(0.356\\)
Cisco Identity Services Engine 2.7.0.356
6.8
CVSSv2
CVE-2015-4267
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCus09940.
Cisco Identity Services Engine Software 1.3\\(0.876\\)
Cisco Identity Services Engine Software 1.4\\(0.876\\)
Cisco Identity Services Engine Software 1.4\\(0.181\\)
Cisco Identity Services Engine Software 2.0\\(0.147\\)
Cisco Identity Services Engine Software 1.2\\(0.793\\)
Cisco Identity Services Engine Software 2.0\\(0.169\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »