Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
health vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-44160
Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system...
Cth Carinal Tien Hospital Health Report System -
4.3
CVSSv2
CVE-2017-5906
The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Everyday Health Inc Diabetes In Check Blood Glucose & Carb Tracker
NA
CVE-2023-20229
A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due ...
Cisco Duo Device Health Application
6.5
CVSSv2
CVE-2019-4546
After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted additional privileges that they are not normally allowed to access. IBM X-Force ID: 165948.
Ibm Maximo Health, Safety And Environment Manager 7.6.1
Ibm Maximo For Oil And Gas 7.6.1
NA
CVE-2021-3914
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.
Redhat Openshift Application Runtimes 1.0
Redhat Build Of Quarkus -
Redhat Build Of Quarkus
Redhat Smallrye Health -
4.3
CVSSv2
CVE-2021-4160
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing privat...
Openssl Openssl 3.0.0
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools 9.2.6.3
Oracle Health Sciences Inform Publisher 6.3.1.1
Oracle Health Sciences Inform Publisher 6.2.1.1
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Oracle Enterprise Manager Ops Center 12.4.0.0
4 Github repositories
5.8
CVSSv2
CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...
Apache Tomcat
Apache Tomee 7.0.7
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Health Sciences Empirica Inspections 1.0.1.2
5.8
CVSSv2
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located be...
Apache Tomcat 9.0.0
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Retail Order Broker 15.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.5
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Instantis Enterprisetrack
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
7.5
CVSSv2
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
9
CVSSv2
CVE-2016-0635
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle...
Oracle Documaker
Oracle Insurance Policy Administration J2ee 10.2.2
Oracle Insurance Calculation Engine 10.2.2
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Insurance Calculation Engine 10.1.2
Oracle Insurance Rules Palette 10.1.2
Oracle Insurance Rules Palette 9.7.1
Oracle Insurance Policy Administration J2ee 9.7.1
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Insurance Rules Palette 10.2.2
Oracle Primavera P6 Enterprise Project Portfolio Management 8.2
Oracle Retail Order Broker Cloud Service 5.1
Oracle Insurance Rules Palette 10.0.1
Oracle Insurance Calculation Engine 9.7.1
Oracle Primavera P6 Enterprise Project Portfolio Management 8.3
Oracle Insurance Policy Administration J2ee 10.0.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera Contract Management 14.2
Oracle Insurance Policy Administration J2ee 9.6.1
Oracle Health Sciences Information Manager 1.2.8.3
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Health Sciences Information Manager 3.0.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »