Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-21940
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 before 14.2.3 and version 15 before 15.0.3 could allow access to the cookie.
Johnsoncontrols Metasys System Configuration Tool
668
VMScore
CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote malicious users to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Microsoft Photodraw 2000 1.0
Microsoft Powerpoint 2000
Microsoft Project 2000
Microsoft Access 2000
Microsoft Word 2000
Microsoft Works 2000
Microsoft Office 2000
Microsoft Outlook 2000
Microsoft Excel 2000
Microsoft Frontpage 2000
534
VMScore
CVE-2007-1526
Sun Java System Web Server 6.1 prior to 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for t...
Sun Java System Web Server 6.1
446
VMScore
CVE-2019-11478
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
4 Github repositories
1 Article
445
VMScore
CVE-2005-3482
Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote malicious users to send unencrypted traffic to a secure network usin...
Cisco Aironet Ap1200
Cisco Aironet Ap1240
Cisco Aironet Ap1131
696
VMScore
CVE-2019-11477
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kern...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
7 Github repositories
1 Article
445
VMScore
CVE-2004-0918
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache prior to 2.4.STABLE7 allows remote malicious users to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
Openpkg Openpkg 2.1
Openpkg Openpkg 2.2
Squid Squid 2.4 .stable2
Squid Squid 2.4 .stable6
Squid Squid 3.0 Pre2
Squid Squid 3.0 Pre3
Openpkg Openpkg Current
Squid Squid 2.0 Patch2
Squid Squid 2.4 .stable7
Squid Squid 2.5 .stable1
Squid Squid 2.5 .stable3
Squid Squid 2.3 .stable5
Squid Squid 2.4
Squid Squid 2.5 .stable6
Squid Squid 3.0 Pre1
Squid Squid 2.1 Patch2
Squid Squid 2.3 .stable4
Squid Squid 2.5 .stable4
Squid Squid 2.5 .stable5
Ubuntu Ubuntu Linux 4.1
Gentoo Linux
Trustix Secure Linux 2.0
801
VMScore
CVE-2020-3211
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An atta...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
445
VMScore
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP dae...
Ntp Ntp-dev 4.3.70
578
VMScore
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »