Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
on-premise vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.
Salesforce Mule
5.4
CVSSv3
CVE-2020-1049
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is ...
Microsoft Dynamics 365 Server 9.0
1 Article
6.1
CVSSv3
CVE-2020-1050
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is ...
Microsoft Dynamics 365 Server 9.0
1 Article
6.1
CVSSv3
CVE-2023-52326
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an malicious user to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-...
Trendmicro Apex Central 2019
6.1
CVSSv3
CVE-2023-52327
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an malicious user to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-...
Trendmicro Apex Central 2019
6.1
CVSSv3
CVE-2023-52328
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an malicious user to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-...
Trendmicro Apex Central 2019
9.8
CVSSv3
CVE-2022-2830
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an malicious user to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions before 6.29.2-1. Bit...
Bitdefender Gravityzone
8.1
CVSSv3
CVE-2022-33202
Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and previous versions and L2Blocker(Cloud) Ver4.8.5 and previous versions allows an adjacent malicious user to perform an unauthorized login and obtain the stored information or cause a malf...
Softcreate L2blocker
9.8
CVSSv3
CVE-2022-28750
Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerab...
Zoom Meeting Connector
5.3
CVSSv3
CVE-2018-18566
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and previous versions allow remote malicious users to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.
Polycom Unified Communications Software
Polycom Vvx 601 Firmware -
Polycom Vvx 500 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »