Vulmon
rapid7 vulnerabilities and exploits
10
CVSSv2
CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web s...
Apache Axis2 1.3
Apache Axis2 1.4
Apache Axis2 1.5.2
Apache Axis2 1.6
Apache Axis2 1.5
Apache Axis2 1.4.1
Apache Axis2 1.5.1
Sap Businessobjects 3.2
3 EDB exploits
1 Github repository
NA
CVE-2024-3185
A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high p...
NA
CVE-2024-2745
Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded. This vulnerability allows malicious ...
NA
CVE-2024-0394
Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. The vulnerability is caused by the product's implementation of OpenSSL's...
NA
CVE-2024-27198
In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Jetbrains Teamcity
1 Metasploit module
14 Github repositories
6 Articles
10
CVSSv2
CVE-2012-4956
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to execute arbitrary code via a large number of VOL elements in an SRS record.
Novell File Reporter 1.0.2
7.8
CVSSv2
CVE-2012-4957
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
Novell File Reporter 1.0.2
1 EDB exploit
7.8
CVSSv2
CVE-2012-4958
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Novell File Reporter 1.0.2
1 EDB exploit
8.5
CVSSv2
CVE-2013-0136
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny prior to 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbitrary files, or cause a denial of service (file deletion or renaming) via (1) t...
Mutiny Mutiny Virtual Appliance -
Mutiny Mutiny
Mutiny Mutiny 5.0-1.00
Mutiny Mutiny Appliance -
1 EDB exploit
7.5
CVSSv2
CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote malicious users to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows M...
Ibm Lotus Notes 5.0.10
Ibm Lotus Notes 5.0.11
Ibm Lotus Notes R6
Verity Keyview Viewing Sdk Gold
Ibm Lotus Notes 5.0.2
Ibm Lotus Notes 5.0.3
Winzip Winzip 7.0
Ibm Lotus Notes
Allume Systems Division Stuffit Expander 6.5.2
Ibm Lotus Notes 5.0.4
Ibm Lotus Notes 5.0.5
Ibm Lotus Notes 5.0
Ibm Lotus Notes 5.0.1
Ibm Lotus Notes 5.0.9a
Ibm Lotus Notes R5
Microsoft Windows Xp
Microsoft Windows 98 Plus Pack
Microsoft Windows Me