Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0825
Ipswitch Imail 6.0 allows remote malicious users to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
Ipswitch Imail 6.00
9.8
CVSSv3
CVE-2018-5777
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow malicious users to execute arbitrary commands on the TFTP server via unspecified vectors.
Ipswitch Whatsup Gold
9.8
CVSSv3
CVE-2018-8938
A Code Injection issue exists in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server.
Ipswitch Whatsup Gold
9.8
CVSSv3
CVE-2018-8939
An SSRF issue exists in NmAPI.exe in Ipswitch WhatsUp Gold prior to 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3...
Ipswitch Whatsup Gold
9.4
CVSSv3
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 prior to 10.2.4, 2019 prior to 11.0.2, and 2019.1 prior to 11.1.1 allows an unauthenticated malicious user to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Ser...
Ipswitch Moveit Transfer
9.8
CVSSv3
CVE-2018-5778
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow malicious users to execute arbitrary SQL commands via unspecified vectors.
Ipswitch Whatsup Gold
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
6.9
CVSSv3
CVE-2015-6005
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold prior to 16.4 allow remote malicious users to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow M...
Ipswitch Whatsup Gold
NA
CVE-2007-4555
Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote malicious users to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this...
Ipswitch Ws Ftp
9.8
CVSSv3
CVE-2017-12639
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote malicious users to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
Ipswitch Imail Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »