Vulmon
k vulnerabilities and exploits
4.9
CVSSv3
CVE-2022-2764
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Integration Camel K -
Redhat Undertow 2.3.0
Redhat Undertow
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp Cloud Secure Agent -
5.3
CVSSv3
CVE-2023-1258
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting. This issue affects Flow-X: prior to 4.0.
Abb Flow-x/m Firmware
Abb Flow-x/c Firmware
Abb Flow-x/k Firmware
Abb Flow-x/s Firmware
Abb Flow-x/p Firmware
Abb Flow-x R Firmware
Abb Flow-x/t Firmware
Abb Flow-x/web Firmware
6.7
CVSSv3
CVE-2021-4178
An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to improperly configured YAML parsing, this will allow a local and privileged malicious user to supply malicious YAML.
Redhat Fabric8-kubernetes
Redhat Fabric8-kubernetes 5.8.0
Redhat Fabric8-kubernetes 5.0.0
Redhat Process Automation 7.0
Redhat Openshift Application Runtimes -
Redhat Descision Manager 7.0
Redhat Integration Camel K -
Redhat A-mq Streams 2.0.1
Redhat Fuse 7.11
Redhat Integration Camel Quarkus 2.2.1
Redhat Build Of Quarkus 2.2.5
7.5
CVSSv3
CVE-2022-1259
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Openshift Application Runtimes -
Redhat Build Of Quarkus -
Redhat Integration Camel K -
Redhat Undertow
Redhat Undertow 2.2.18
Redhat Undertow 2.2.19
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp Cloud Secure Agent -
7.5
CVSSv3
CVE-2022-4492
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Single Sign-on 7.0
Redhat Jboss Fuse 7.0.0
Redhat Build Of Quarkus -
Redhat Integration Service Registry -
Redhat Integration Camel K -
Redhat Undertow 2.7.0
Redhat Integration Camel For Spring Boot -
Redhat Migration Toolkit For Applications 6.0
Redhat Migration Toolkit For Runtimes -
NA
CVE-2002-0213
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.
Sgi Irix 6.5.6
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.12
Sgi Irix 6.5.9
Sgi Irix 6.5.15
Sgi Irix 6.5.3
Sgi Irix 6.5.14
Sgi Irix 6.5.8
Sgi Irix 6.5.5
Sgi Irix 6.5.4
Xinet K-ashare 11.01
Sgi Irix 6.5.11
Sgi Irix 6.5.2
Sgi Irix 6.5
Sgi Irix 6.5.7
Sgi Irix 6.5.13
5.3
CVSSv3
CVE-2021-3642
A flaw was found in Wildfly Elytron in versions before 1.10.14.Final, before 1.15.5.Final and before 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
Redhat Wildfly Elytron
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Openshift Application Runtimes -
Redhat Descision Manager 7.0
Redhat Codeready Studio 12.0
Redhat Data Grid 8.0
Redhat Build Of Quarkus -
Redhat Integration Camel K -
Redhat Jboss Enterprise Application Platform Expansion Pack -
Redhat Integration Camel Quarkus
Quarkus Quarkus
8.1
CVSSv3
CVE-2023-4853
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow a malicious user to bypass the security policy altogether, resul...
Quarkus Quarkus
Redhat Decision Manager 7.0
Redhat Jboss Middleware Text-only Advisories 1.0
Redhat Jboss Middleware 1
Redhat Integration Service Registry -
Redhat Integration Camel Quarkus -
Redhat Build Of Quarkus
Redhat Openshift Serverless -
Redhat Integration Camel K
Redhat Process Automation Manager 7.0
Redhat Build Of Optaplanner 8.0
Redhat Openshift Serverless 1.0
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
3 Github repositories
NA
CVE-2007-4562
Unspecified vulnerability in Hitachi DABroker prior to 03-02-/D and Cosminexus DABroker prior to 02-04-/C and 03-05-/E allows remote malicious users to cause a denial of service (connection prevention) by sending "data unexpectedly through a port."
Hitachi Dabroker 03 04
Hitachi Dabroker 02 02
Hitachi Cosminexus Dabroker 03 00
Hitachi Dabroker 03 11 B 1
Hitachi Dabroker 03 02 C
Hitachi Dabroker 02 07
Hitachi Cosminexus Dabroker 03 06 K 1
Hitachi Dabroker 02 01
Hitachi Cosminexus Dabroker 02 04
Hitachi Cosminexus Dabroker 03 05 1
Hitachi Dabroker 03 09 E 1
Hitachi Dabroker 03 13 1
Hitachi Dabroker 03 14 1
Hitachi Dabroker 02 00
NA
CVE-2007-0161
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, ...
Hp Pml Driver Hpz12
Hp Officejet 4100
Hp Psc 900
Hp Psc 1300
Hp Psc 2100
Hp Officejet 7100
Hp Officejet 5500
Hp Officejet 6100
Hp Officejet K
Hp Psc 1100
Hp Psc 2400 Photosmart All-in-one
Hp Psc 2200
Hp Psc 2510 Photosmart
Hp Color Laserjet 4650
Hp Officejet 5100
Hp Psc 700
Hp Officejet D
Hp Psc 2500 Photosmart All-in-one
Hp Psc 1210 All-in-one
Hp Psc 1200
Hp Officejet G
1 EDB exploit