Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
community server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-4272
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote malicious user to include arbitrary files. A remote attacker could send a specially-crafted request specify a malicious file from a remote system, which could allow the malicious user to execute arbitrary code on the vulnerab...
Ibm Qradar Security Information And Event Manager
Ibm Qradar Security Information And Event Manager 7.3.3
2.1
CVSSv2
CVE-2015-5969
The mysql-systemd-helper script in the mysql-community-server package prior to 5.6.28-2.17.1 in openSUSE 13.2 and prior to 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package prior to 10.0.22-2.21.2 in openSUSE 13.2 and prior to 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12...
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
6.4
CVSSv2
CVE-2014-9301
Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition prior to 5.0.a allows remote malicious users to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parame...
Alfresco Alfresco
1 EDB exploit
1 Github repository
6.8
CVSSv2
CVE-2019-1963
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote malicious user to cause the SNMP application on an affected device to restart unexpectedly. The vulnerabili...
Cisco Nx-os
Cisco Fx-os
9
CVSSv2
CVE-2014-8770
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and previous versions for Magento Community Edition (CE) allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP f...
Magmi Project Magmi
1 EDB exploit
5
CVSSv2
CVE-2021-34794
A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to query SNMP data...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
Cisco Asa 5512-x Firmware 009.014\\(001\\)
Cisco Asa 5512-x Firmware 099.015\\(001.033\\)
Cisco Asa 5512-x Firmware 099.016\\(001.216\\)
Cisco Asa 5505 Firmware 009.014\\(001\\)
Cisco Asa 5505 Firmware 099.015\\(001.033\\)
Cisco Asa 5505 Firmware 099.016\\(001.216\\)
Cisco Asa 5515-x Firmware 009.014\\(001\\)
Cisco Asa 5515-x Firmware 099.015\\(001.033\\)
Cisco Asa 5515-x Firmware 099.016\\(001.216\\)
Cisco Asa 5525-x Firmware 009.014\\(001\\)
Cisco Asa 5525-x Firmware 099.015\\(001.033\\)
Cisco Asa 5525-x Firmware 099.016\\(001.216\\)
Cisco Asa 5545-x Firmware 009.014\\(001\\)
Cisco Asa 5545-x Firmware 099.015\\(001.033\\)
Cisco Asa 5545-x Firmware 099.016\\(001.216\\)
Cisco Asa 5555-x Firmware 009.014\\(001\\)
Cisco Asa 5555-x Firmware 099.015\\(001.033\\)
Cisco Asa 5555-x Firmware 099.016\\(001.216\\)
Cisco Asa 5580 Firmware 009.014\\(001\\)
Cisco Asa 5580 Firmware 099.015\\(001.033\\)
NA
CVE-2022-36551
A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and previous versions allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these vers...
Heartex Label Studio
4
CVSSv2
CVE-2019-16027
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition i...
Cisco Ios Xr 4.3.2
Cisco Ios Xr 5.2.5
Cisco Ios Xr 6.2.2
Cisco Ios Xr 6.2.3
Cisco Ios Xr 6.4.2
Cisco Ios Xr 6.3.3
Cisco Ios Xr 6.2.25
Cisco Ios Xr 6.1.3
Cisco Ios Xr 6.1.4
Cisco Ios Xr 6.5.2
Cisco Ios Xr 6.5.3
Cisco Ios Xr 6.6.1
Cisco Ios Xr 6.6.25
Cisco Ios Xr 6.3.15
Cisco Ios Xr 6.6.2
Cisco Ios Xr 6.1.2
Cisco Ios Xr 6.3.2
6.8
CVSSv2
CVE-2015-2912
The JSONP endpoint in the Studio component in OrientDB Server Community Edition prior to 2.0.15 and 2.1.x prior to 2.1.1 does not properly restrict callback values, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive info...
Orientdb Orientdb 2.1.0
Orientdb Orientdb
4.3
CVSSv2
CVE-2015-2913
server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition prior to 2.0.15 and 2.1.x prior to 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote...
Orientdb Orientdb 2.1.0
Orientdb Orientdb 2.0.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »