Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security secret server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application...
Umbraco Umbraco Identity Extensibility
5
CVSSv2
CVE-2015-7944
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti prior to 2.9.7, 2.10.x prior to 2.10.8, 2.11.x prior to 2.11.8, 2.12.x prior to 2.12.6, 2.13.x prior to 2.13.3, 2.14.x prior to 2.14.2, and 2.15.x prior to 2.15.2, when used in SSL mode, allows remote malicious use...
Spi-inc Ganeti 2.15.0
Spi-inc Ganeti 2.14.0
Spi-inc Ganeti 2.13.1
Spi-inc Ganeti 2.12.3
Spi-inc Ganeti 2.12.4
Spi-inc Ganeti 2.10.0
Spi-inc Ganeti 2.10.6
Spi-inc Ganeti 2.10.7
Spi-inc Ganeti 2.11.4
Spi-inc Ganeti 2.11.5
Spi-inc Ganeti 2.14.1
Spi-inc Ganeti 2.13.0
Spi-inc Ganeti 2.12.0
Spi-inc Ganeti 2.10.1
Spi-inc Ganeti 2.10.2
Spi-inc Ganeti 2.10.3
Spi-inc Ganeti 2.11.0
Spi-inc Ganeti 2.11.1
Spi-inc Ganeti
Spi-inc Ganeti 2.15.1
Spi-inc Ganeti 2.13.2
Spi-inc Ganeti 2.12.5
1 EDB exploit
NA
CVE-2022-39251
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Addit...
Matrix Javascript Sdk
1 Article
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
NA
CVE-2023-20243
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
7.8
CVSSv2
CVE-2018-15369
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper hand...
Cisco Ios 15.6\\(1.9\\)t
Cisco Ios Xe -
5
CVSSv2
CVE-2004-0644
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 up to and including 1.3.4 allows remote malicious users to cause a denial of service (infinite loop) via a certain BER encoding.
Mit Kerberos 5 1.2.7
Mit Kerberos 5 1.2.8
Mit Kerberos 5 1.2.2
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.2.5
Mit Kerberos 5 1.2.6
Mit Kerberos 5 1.3.4
Mit Kerberos 5 1.2.3
Mit Kerberos 5 1.2.4
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
NA
CVE-2023-51442
Navidrome is an open source web-based music collection server and streamer. A security vulnerability has been identified in navidrome's subsonic endpoint, allowing for authentication bypass. This exploit enables unauthorized access to any known account by utilizing a JSON We...
Navidrome Navidrome
7.5
CVSSv2
CVE-2013-0156
active_support/core_ext/hash/conversions.rb in Ruby on Rails prior to 2.3.15, 3.0.x prior to 3.0.19, 3.1.x prior to 3.1.10, and 3.2.x prior to 3.2.11 does not properly restrict casts of string values, which allows remote malicious users to conduct object-injection attacks and exe...
Rubyonrails Ruby On Rails
Rubyonrails Rails
Debian Debian Linux 7.0
Debian Debian Linux 6.0
2 EDB exploits
2 Metasploit modules
2 Nmap scripts
11 Github repositories
3 Articles
6
CVSSv2
CVE-2017-13718
The HTTP API supported by Starry Station (aka Starry Router) allows brute forcing the PIN setup by the user on the device, and this allows an malicious user to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. I...
Starry S00111 Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »