Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
discovery vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-3415
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent malicious user to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is du...
Cisco Nx-os -
Cisco Nx-os
8.8
CVSSv3
CVE-2020-3507
Multiple vulnerabilities in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent malicious user to execute code remotely or cause a reload of an affected IP camera. These vulnerabilities are due t...
Cisco 8000p Ip Camera Firmware 1.0.9-1
Cisco 8020 Ip Camera Firmware 1.0.9-1
Cisco 8030 Ip Camera Firmware 1.0.9-1
Cisco 8070 Ip Camera Firmware 1.0.9-1
Cisco 8400 Ip Camera Firmware 1.0.9-1
Cisco 8620 Ip Camera Firmware 1.0.9-1
Cisco 8630 Ip Camera Firmware 1.0.9-1
Cisco 8930 Speed Dome Ip Camera Firmware 1.0.9-1
8.8
CVSSv3
CVE-2020-3506
Multiple vulnerabilities in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent malicious user to execute code remotely or cause a reload of an affected IP camera. These vulnerabilities are due t...
Cisco 8000p Ip Camera Firmware 1.0.9-1
Cisco 8020 Ip Camera Firmware 1.0.9-1
Cisco 8030 Ip Camera Firmware 1.0.9-1
Cisco 8070 Ip Camera Firmware 1.0.9-1
Cisco 8400 Ip Camera Firmware 1.0.9-1
Cisco 8620 Ip Camera Firmware 1.0.9-1
Cisco 8630 Ip Camera Firmware 1.0.9-1
Cisco 8930 Speed Dome Ip Camera Firmware 1.0.9-1
8.8
CVSSv3
CVE-2020-15816
In Western Digital WD Discovery prior to 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.
Westerndigital Wd Discovery
8.8
CVSSv3
CVE-2020-3217
A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent malicious user to execute arbitrary code or cause a denial of...
Cisco Ios 12.2\\(6\\)i1
Cisco Ios 12.4\\(25e\\)jao7
Cisco Ios 15.0\\(2\\)sg11a
Cisco Ios 15.1\\(3\\)svr1
Cisco Ios 15.2\\(1\\)sy
Cisco Ios 15.2\\(1\\)sy0a
Cisco Ios 15.2\\(1\\)sy1
Cisco Ios 15.2\\(1\\)sy1a
Cisco Ios 15.2\\(1\\)sy2
Cisco Ios 15.2\\(1\\)sy3
Cisco Ios 15.2\\(1\\)sy4
Cisco Ios 15.2\\(1\\)sy5
Cisco Ios 15.2\\(1\\)sy6
Cisco Ios 15.2\\(1\\)sy7
Cisco Ios 15.2\\(1\\)sy8
Cisco Ios 15.2\\(2\\)sy
Cisco Ios 15.2\\(2\\)sy1
Cisco Ios 15.2\\(2\\)sy2
Cisco Ios 15.2\\(2\\)sy3
Cisco Ios 15.2\\(3\\)e
Cisco Ios 15.2\\(3\\)e1
Cisco Ios 15.2\\(3\\)e2
8.8
CVSSv3
CVE-2020-12427
The Western Digital WD Discovery application prior to 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.
Westerndigital Wd Discovery
8.8
CVSSv3
CVE-2020-12078
An issue exists in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is ...
Opmantek Open-audit 3.3.1
2 Github repositories
8.8
CVSSv3
CVE-2020-11941
An issue exists in Open-AudIT 3.2.2. There is OS Command injection in Discovery.
Opmantek Open-audit 3.2.2
8.8
CVSSv3
CVE-2020-11112
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2020-11113
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »