Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
engine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1433
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote malicious users to exhaust the player limit by joining the game multiple times.
Epic Games Unreal Engine 226f
Epic Games Unreal Engine 433
Epic Games Unreal Engine 436
5.4
CVSSv3
CVE-2018-1951
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. I...
Ibm Rational Publishing Engine 2.1.2
Ibm Rational Publishing Engine 6.0.6
Ibm Rational Publishing Engine 6.0.5
NA
CVE-2006-1505
base_maintenance.php in Basic Analysis and Security Engine (BASE) prior to 1.2.4 (melissa), when running in standalone mode, allows remote malicious users to bypass authentication, possibly by setting the standalone parameter to "yes".
Basic Analysis And Security Engine Base 1.1.2 Zora
Basic Analysis And Security Engine Base 1.1.3 Lynn
Basic Analysis And Security Engine Base 1.2 Betty
Basic Analysis And Security Engine Base 1.1.4 Cheryl
Basic Analysis And Security Engine Base 1.1 Elizabeth
Basic Analysis And Security Engine Base 1.2.1 Kris
Basic Analysis And Security Engine Base 1.2.2 Cindy
NA
CVE-2005-3966
Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Java Search Engine Java Search Engine 0.9.34
1 EDB exploit
5.4
CVSSv3
CVE-2021-36911
Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Comment Engine Pro plugin (versions <= 1.0), could be exploited by users with Editor or higher role.
Comment Engine Pro Project Comment Engine Pro
NA
CVE-2007-2676
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote malicious users to execute arbitrary PHP code via a URL in the ote_home parameter.
Open Translation Engine Open Translation Engine 0.7.8
1 EDB exploit
NA
CVE-2009-0046
Sun GridEngine 5.3 and previous versions does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulne...
Sun Grid Engine 5.3
Sun Grid Engine
7.5
CVSSv3
CVE-2019-1020015
graphql-engine (aka Hasura GraphQL Engine) prior to 1.0.0-beta.3 mishandles the audience check while verifying JWT.
Hasura Graphql Engine
Hasura Graphql Engine 1.0.0
7.7
CVSSv3
CVE-2020-3467
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access cont...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.4\\(0.357\\)
Cisco Identity Services Engine 2.4.0.357
Cisco Identity Services Engine 2.5
Cisco Identity Services Engine 2.6\\(0.156\\)
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.6.0.156
Cisco Identity Services Engine 2.7
Cisco Identity Services Engine 2.7\\(0.356\\)
Cisco Identity Services Engine 2.7.0.356
NA
CVE-2015-4267
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCus09940.
Cisco Identity Services Engine Software 1.3\\(0.876\\)
Cisco Identity Services Engine Software 1.4\\(0.876\\)
Cisco Identity Services Engine Software 1.4\\(0.181\\)
Cisco Identity Services Engine Software 2.0\\(0.147\\)
Cisco Identity Services Engine Software 1.2\\(0.793\\)
Cisco Identity Services Engine Software 2.0\\(0.169\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »