Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
process integration vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2022-26504
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
Veeam Veeam Backup \\& Replication 11.0.1.1261
Veeam Veeam Backup \\& Replication 10.0.1.4854
Veeam Veeam Backup \\& Replication 9.5.4.2615
Veeam Veeam Backup \\& Replication 9.5.0.1536
Veeam Veeam Backup \\& Replication
1 Github repository
1 Article
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
5
CVSSv2
CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
Netty Netty
Quarkus Quarkus
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Webcenter Portal 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Coherence 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Coherence 14.1.1.0.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
5
CVSSv2
CVE-2021-37137
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can ...
Netty Netty
Oracle Webcenter Portal 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Communications Cloud Native Core Binding Support Function 1.10.0
Oracle Communications Diameter Signaling Router
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
NA
CVE-2022-42003
In FasterXML jackson-databind prior to 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
6 Github repositories
NA
CVE-2022-42004
In FasterXML jackson-databind prior to 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
4 Github repositories
NA
CVE-2022-46364
A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF prior to 3.5.5 and 3.4.10 allows an malicious user to perform SSRF style attacks on webservices that take at least one parameter of any type.
Apache Cxf
7.8
CVSSv2
CVE-2010-0590
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x prior to 7.1(3a)su1 and 8.x prior to 8.0(1) allows remote malicious users to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc3...
Cisco Unified Communications Manager 7.0\\(2\\)
Cisco Unified Communications Manager 7.1
Cisco Unified Communications Manager 8.0
Cisco Unified Communications Manager 7.0\\(1\\)
Cisco Unified Communications Manager 7.0
7.5
CVSSv2
CVE-2006-0059
Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server prior to 5.00.035 allows remote malicious users to cause a denial of service or execute arbitrary code via malformed packets.
Livedata Iccp Server 5.00.045
7.8
CVSSv2
CVE-2010-0587
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x prior to 4.3(2)SR2, 6.x prior to 6.1(5), 7.x prior to 7.1(3a)su1, and 8.x prior to 8.0(1) allows remote malicious users to cause a denial of service (process failure) via a malformed SCCP StationCapabilitie...
Cisco Unified Communications Manager 4.1
Cisco Unified Communications Manager 4.3\\(2\\)
Cisco Unified Communications Manager 4.3\\(1\\)sr.1
Cisco Unified Communications Manager 4.1.3
Cisco Unified Communications Manager 4.2
Cisco Unified Communications Manager 4.2 2
Cisco Unified Communications Manager 4.2 3
Cisco Unified Communications Manager 4.2.1
Cisco Unified Communications Manager 4.2.2
Cisco Unified Communications Manager 4.3\\(1\\)
Cisco Unified Communications Manager 6.1\\(2\\)su1
Cisco Unified Communications Manager 6.1\\(2\\)su1a
Cisco Unified Communications Manager 6.1\\(3\\)
Cisco Unified Communications Manager 6.1.0
Cisco Unified Communications Manager 6.1
Cisco Unified Communications Manager 4.2\\(3\\)sr2b
Cisco Unified Communications Manager 4.1.1
Cisco Unified Communications Manager 4.1.2
Cisco Unified Communications Manager 4.2 1
Cisco Unified Communications Manager 4.2.3sr2b
Cisco Unified Communications Manager 4.2.3sr2
Cisco Unified Communications Manager 4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »