Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-20864
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local malicious user to recover the configuration or reset the enable password. This vulnerability is due to a proble...
Cisco Ios Xe Rom Monitor -
NA
CVE-2024-1398
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘heading_title_tag’ and ’heading_sub_title_tag’ parameters in all versions up to, and including, 1.3.6 due to insufficient input sanitiz...
NA
CVE-2024-0847
The 5280 Bootstrap Modal Contact Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in class-sbmm-list-table.php. This makes it possible for unauthenticated maliciou...
NA
CVE-2024-2132
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Widget in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it p...
6.8
CVSSv2
CVE-2021-20198
A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker a...
Redhat Openshift Installer
NA
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.8
CVSSv2
CVE-2022-32563
An issue exists in Couchbase Sync Gateway 3.x prior to 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client cert...
Couchbase Sync Gateway
1 Github repository
7.8
CVSSv2
CVE-2011-0943
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote malicious users to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147.
Cisco Ios Xr 3.8.3
Cisco Ios Xr 3.8.4
Cisco Ios Xr 3.9.1
NA
CVE-2023-31442
In Lightbend Akka prior to 2.8.1, the async-dns resolver (used by Discovery in DNS mode and transitively by Cluster Bootstrap) uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing...
Lightbend Akka Discovery
Lightbend Akka Actor
7.8
CVSSv2
CVE-2011-0949
Cisco IOS XR 3.6.x, 3.8.x prior to 3.8.3, and 3.9.x prior to 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote malicious users to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.
Cisco Ios Xr 3.6.0
Cisco Ios Xr 3.6.1
Cisco Ios Xr 3.6.2
Cisco Ios Xr 3.6.3
Cisco Ios Xr 3.8.0
Cisco Ios Xr 3.8.2
Cisco Ios Xr 3.8.1
Cisco Ios Xr 3.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »