community server vulnerabilities and exploits
8.8
CVSSv3
CVE-2020-4272
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote malicious user to include arbitrary files. A remote attacker could send a specially-crafted request specifying a malicious file from a remote system, which could allow the malicious user to execute arbitrary code on the vulnerab...
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.3
7
CVSSv3
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2014-9301
Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition prior to 5.0.a allows remote malicious users to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parame...
Alfresco Alfresco
1 EDB exploit
1 Github repository
6.5
CVSSv3
CVE-2019-1963
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote malicious user to cause the SNMP application on an affected device to restart unexpectedly. The vulnerabili...
Cisco Nx-os
Cisco Fx-os
5.3
CVSSv3
CVE-2021-34794
A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to query SNMP data...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
Cisco Asa 5512-x Firmware 009.014(001)
Cisco Asa 5512-x Firmware 099.015(001.033)
Cisco Asa 5512-x Firmware 099.016(001.216)
Cisco Asa 5505 Firmware 009.014(001)
Cisco Asa 5505 Firmware 099.015(001.033)
Cisco Asa 5505 Firmware 099.016(001.216)
Cisco Asa 5515-x Firmware 009.014(001)
Cisco Asa 5515-x Firmware 099.015(001.033)
Cisco Asa 5515-x Firmware 099.016(001.216)
Cisco Asa 5525-x Firmware 009.014(001)
Cisco Asa 5525-x Firmware 099.015(001.033)
Cisco Asa 5525-x Firmware 099.016(001.216)
Cisco Asa 5545-x Firmware 009.014(001)
Cisco Asa 5545-x Firmware 099.015(001.033)
Cisco Asa 5545-x Firmware 099.016(001.216)
Cisco Asa 5555-x Firmware 009.014(001)
Cisco Asa 5555-x Firmware 099.015(001.033)
Cisco Asa 5555-x Firmware 099.016(001.216)
Cisco Asa 5580 Firmware 009.014(001)
Cisco Asa 5580 Firmware 099.015(001.033)
NA
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and previous versions for Magento Community Edition (CE) allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP f...
Magmi Project Magmi
1 EDB exploit
6.5
CVSSv3
CVE-2022-36551
A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and previous versions allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these vers...
Heartex Label Studio
6.5
CVSSv3
CVE-2019-16027
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition i...
Cisco Ios Xr 4.3.2
Cisco Ios Xr 5.2.5
Cisco Ios Xr 6.2.2
Cisco Ios Xr 6.2.3
Cisco Ios Xr 6.4.2
Cisco Ios Xr 6.3.3
Cisco Ios Xr 6.2.25
Cisco Ios Xr 6.1.3
Cisco Ios Xr 6.1.4
Cisco Ios Xr 6.5.2
Cisco Ios Xr 6.5.3
Cisco Ios Xr 6.6.1
Cisco Ios Xr 6.6.25
Cisco Ios Xr 6.3.15
Cisco Ios Xr 6.6.2
Cisco Ios Xr 6.1.2
Cisco Ios Xr 6.3.2
5.9
CVSSv3
CVE-2015-2913
server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition prior to 2.0.15 and 2.1.x prior to 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote...
Orientdb Orientdb 2.1.0
Orientdb Orientdb 2.0.14
8.8
CVSSv3
CVE-2015-2912
The JSONP endpoint in the Studio component in OrientDB Server Community Edition prior to 2.0.15 and 2.1.x prior to 2.1.1 does not properly restrict callback values, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive info...
Orientdb Orientdb 2.1.0
Orientdb Orientdb