Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
health vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-4546
After installing the IBM Maximo Health- Safety and Environment Manager 7.6.1, a user is granted additional privileges that they are not normally allowed to access. IBM X-Force ID: 165948.
Ibm Maximo For Oil And Gas 7.6.1
Ibm Maximo Health\\, Safety And Environment Manager 7.6.1
NA
CVE-2021-3914
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.
Redhat Openshift Application Runtimes 1.0
Redhat Build Of Quarkus -
Redhat Build Of Quarkus
Redhat Smallrye Health -
384
VMScore
CVE-2021-4160
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing privat...
Openssl Openssl 3.0.0
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools 9.2.6.3
Oracle Health Sciences Inform Publisher 6.3.1.1
Oracle Health Sciences Inform Publisher 6.2.1.1
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Oracle Enterprise Manager Ops Center 12.4.0.0
4 Github repositories
516
VMScore
CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...
Apache Tomcat
Apache Tomee 7.0.7
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Health Sciences Empirica Inspections 1.0.1.2
516
VMScore
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located be...
Apache Tomcat 9.0.0
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Retail Order Broker 15.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.5
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Instantis Enterprisetrack
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
684
VMScore
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
801
VMScore
CVE-2016-0635
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle...
Oracle Insurance Policy Administration J2ee 9.7.1
Oracle Insurance Policy Administration J2ee 10.0.1
Oracle Insurance Rules Palette 10.2.0
Oracle Insurance Rules Palette 10.2.2
Oracle Retail Integration Bus 15.0
Oracle Insurance Policy Administration J2ee 9.6.1
Oracle Insurance Rules Palette 10.0.1
Oracle Insurance Rules Palette 10.1.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Health Sciences Information Manager 3.0.1.0
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Retail Order Broker Cloud Service 15.0
Oracle Documaker
Oracle Insurance Policy Administration J2ee 10.2.2
Oracle Insurance Rules Palette 9.6.1
Oracle Insurance Rules Palette 9.7.1
Oracle Primavera P6 Enterprise Project Portfolio Management 8.4
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Health Sciences Information Manager 1.2.8.3
Oracle Health Sciences Information Manager 2.0.2.3
Oracle Retail Order Broker Cloud Service 5.1
571
VMScore
CVE-2022-20821
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upo...
Cisco Ios Xr -
668
VMScore
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
614
VMScore
CVE-2015-4282
Cisco Mobility Services Engine (MSE) up to and including 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.
Cisco Mobility Services Engine 5.1 Base
Cisco Mobility Services Engine 8.0\\(110.0\\)
Cisco Mobility Services Engine 7.4.100.0
Cisco Mobility Services Engine 7.4.110.0
Cisco Mobility Services Engine 7.4.121.0
Cisco Mobility Services Engine 7.5.102.101
Cisco Mobility Services Engine 6.0 Base
Cisco Mobility Services Engine 7.4 Base
Cisco Mobility Services Engine 7.6.100.0
Cisco Mobility Services Engine 7.6.132.0
Cisco Mobility Services Engine 5.2 Base
Cisco Mobility Services Engine 7.0 Base
Cisco Mobility Services Engine 7.6.120.0
Cisco Mobility Services Engine 8.0 Base
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »