Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oncommand system manager vulnerabilities and exploits
(subscribe to this query)
790
VMScore
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
405
VMScore
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
1 EDB exploit
231
VMScore
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x prior to 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Libpng Libpng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Java Se 8u212
Oracle Java Se 7u221
Oracle Mysql
Oracle Hyperion Infrastructure Technology 11.2.6.0
Hpe Xp7 Command View Advanced Edition Suite
Hp Xp7 Command View
Mozilla Thunderbird -
Mozilla Firefox Esr -
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Package Hub -
Netapp Cloud Backup -
668
VMScore
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
578
VMScore
CVE-2015-8322
NetApp OnCommand System Manager 8.3.x prior to 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Netapp Data Ontap 8.3
Netapp Data Ontap 8.3.1
606
VMScore
CVE-2019-17531
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in ...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
2 Github repositories
668
VMScore
CVE-2018-14718
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
516
VMScore
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
446
VMScore
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Con...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
1000
VMScore
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1162 Github repositories
28 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »