Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security secret server vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2020-13777
GnuTLS 3.6.x prior to 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the firs...
Gnu Gnutls
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
8 Github repositories
NA
CVE-2023-20243
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application...
Umbraco Umbraco Identity Extensibility
5
CVSSv2
CVE-2015-7944
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti prior to 2.9.7, 2.10.x prior to 2.10.8, 2.11.x prior to 2.11.8, 2.12.x prior to 2.12.6, 2.13.x prior to 2.13.3, 2.14.x prior to 2.14.2, and 2.15.x prior to 2.15.2, when used in SSL mode, allows remote malicious use...
Spi-inc Ganeti
Spi-inc Ganeti 2.11.7
Spi-inc Ganeti 2.11.6
Spi-inc Ganeti 2.12.0
Spi-inc Ganeti 2.12.4
Spi-inc Ganeti 2.12.3
Spi-inc Ganeti 2.13.0
Spi-inc Ganeti 2.12.5
Spi-inc Ganeti 2.12.2
Spi-inc Ganeti 2.12.1
Spi-inc Ganeti 2.14.0
Spi-inc Ganeti 2.13.2
Spi-inc Ganeti 2.13.1
Spi-inc Ganeti 2.15.1
Spi-inc Ganeti 2.15.0
Spi-inc Ganeti 2.14.1
Spi-inc Ganeti 2.10.4
Spi-inc Ganeti 2.10.3
Spi-inc Ganeti 2.10.2
Spi-inc Ganeti 2.10.1
Spi-inc Ganeti 2.10.7
Spi-inc Ganeti 2.10.6
1 EDB exploit
NA
CVE-2022-39251
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Addit...
Matrix Javascript Sdk
1 Article
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
7.8
CVSSv2
CVE-2018-15369
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper hand...
Cisco Ios Xe -
Cisco Ios 15.6(1.9)t
5
CVSSv2
CVE-2004-0644
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 up to and including 1.3.4 allows remote malicious users to cause a denial of service (infinite loop) via a certain BER encoding.
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.2.3
Mit Kerberos 5 1.2.4
Mit Kerberos 5 1.2.5
Mit Kerberos 5 1.2.6
Mit Kerberos 5 1.2.7
Mit Kerberos 5 1.2.8
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
Mit Kerberos 5 1.3.4
NA
CVE-2023-51442
Navidrome is an open source web-based music collection server and streamer. A security vulnerability has been identified in navidrome's subsonic endpoint, allowing for authentication bypass. This exploit enables unauthorized access to any known account by utilizing a JSON We...
Navidrome Navidrome
7.5
CVSSv2
CVE-2013-0156
active_support/core_ext/hash/conversions.rb in Ruby on Rails prior to 2.3.15, 3.0.x prior to 3.0.19, 3.1.x prior to 3.1.10, and 3.2.x prior to 3.2.11 does not properly restrict casts of string values, which allows remote malicious users to conduct object-injection attacks and exe...
Rubyonrails Ruby On Rails
Rubyonrails Rails
Debian Debian Linux 7.0
Debian Debian Linux 6.0
2 EDB exploits
2 Metasploit modules
2 Nmap scripts
11 Github repositories
3 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »