Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
viewpoint vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2021-39226
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "p...
Grafana Grafana
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.1
CVSSv3
CVE-2020-13430
Grafana prior to 7.0.0 allows tag value XSS via the OpenTSDB datasource.
Grafana Grafana
9.8
CVSSv3
CVE-2017-5677
PEAR HTML_AJAX 0.3.0 up to and including 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
Pear Html Ajax 0.5.6
Pear Html Ajax 0.5.4
Pear Html Ajax 0.3.4
Pear Html Ajax 0.3.2
Pear Html Ajax 0.5.3
Pear Html Ajax 0.5.2
Pear Html Ajax 0.5.1
Pear Html Ajax 0.5.0
Pear Html Ajax 0.4.1
Pear Html Ajax 0.3.1
Pear Html Ajax 0.3.0
Pear Html Ajax 0.5.7
Pear Html Ajax 0.5.5
Pear Html Ajax 0.4.0
Pear Html Ajax 0.3.3
NA
CVE-2009-0656
Asus SmartLogon 1.0.0005 allows physically proximate malicious users to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
Asus Smartlogon 1.0.0005
3.1
CVSSv3
CVE-2019-2933
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Oracle Jdk 11.0.4
Oracle Jdk 13.0.0
Oracle Jre 11.0.4
Oracle Jre 13.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
9.9
CVSSv3
CVE-2016-2396
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
Sonicwall Analyzer 7.2
Sonicwall Analyzer 8.0
Sonicwall Analyzer 8.1
Sonicwall Global Management System 7.2
Sonicwall Global Management System 8.0
Sonicwall Global Management System 8.1
Sonicwall Uma Em5000 Firmware 7.2
Sonicwall Uma Em5000 Firmware 8.0
Sonicwall Uma Em5000 Firmware 8.1
NA
CVE-2014-8420
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) prior to 7.2 SP2, SonicWALL Analyzer prior to 7.2 SP2, and SonicWALL UMA prior to 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Sonicwall Analyzer 7.2
Sonicwall Global Management System 7.2
Sonicwall Uma Em5000 -
NA
CVE-2009-0657
Toshiba Face Recognition 2.0.2.32 allows physically proximate malicious users to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.
Toshiba Face Recognition 2.0.2.32
5.9
CVSSv3
CVE-2019-2958
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Oracle Jdk 11.0.4
Oracle Jdk 13.0.0
Oracle Jre 11.0.4
Oracle Jre 13.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp E-series Santricity Os Controller
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
2 Github repositories
NA
CVE-2013-4629
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception method.
Huawei Vp 9620
Huawei Vp 9610
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »