Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-20951
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote malicious user to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation o...
Cisco Broadworks Messaging Server
8.1
CVSSv3
CVE-2020-14195
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Diameter Signaling Router
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
NA
CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote malicious users to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or...
Avaya Ip600 Media Servers R8
Avaya Definity One Media Server R12
Avaya Definity One Media Server R9
Avaya Definity One Media Server R7
Avaya Ip600 Media Servers R9
Avaya Definity One Media Server R8
Avaya S8100 R9
Avaya Definity One Media Server
Microsoft Ie 6.0
Avaya S8100 R11
Avaya S8100
Avaya Ip600 Media Servers R6
Avaya S8100 R7
Avaya Ip600 Media Servers R10
Avaya Ip600 Media Servers
Avaya Ip600 Media Servers R12
Avaya S8100 R6
Avaya S8100 R10
Avaya Ip600 Media Servers R7
Avaya Ip600 Media Servers R11
Avaya Definity One Media Server R6
Avaya S8100 R8
1 EDB exploit
8.1
CVSSv3
CVE-2020-24750
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
Fasterxml Jackson-databind
Oracle Application Testing Suite 13.3.0.1
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Communications Diameter Signaling Router
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Siebel Core - Server Framework
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Element Manager
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Supply Chain Finance 14.2.0
Oracle Banking Credit Facilities Process Management 14.2.0
Oracle Banking Credit Facilities Process Management 14.5.0
Oracle Banking Corporate Lending Process Management 14.2.0
Oracle Banking Corporate Lending Process Management 14.5.0
Oracle Banking Supply Chain Finance 14.5.0
Oracle Banking Supply Chain Finance 14.3.0
1 Github repository
7.8
CVSSv3
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local malicious user to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. A...
Cisco Broadworks Application Server
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Network Server
Cisco Broadworks Profile Server
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Troubleshooting Server
Cisco Broadworks Network Function Manager
Cisco Broadworks Network Database Server
Cisco Broadworks Execution Server
Cisco Broadworks Database Server
Cisco Broadworks Service Control Function Server
Cisco Broadworks Media Server
NA
CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote malicious users to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a ...
Avaya Interactive Response 1.2.1
Libtiff Libtiff 3.6.1
Conectiva Linux 9.0
Sgi Propack 3.0
Avaya Call Management System Server 8.0
F5 Icontrol Service Manager 1.3.5
Avaya Integrated Management
Avaya Interactive Response 1.3
Avaya Call Management System Server 13.0
Libtiff Libtiff 3.4
F5 Icontrol Service Manager 1.3.4
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.7.0
Avaya Intuity Audix Lx
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Avaya Call Management System Server 9.0
Avaya Cvlan
Avaya Interactive Response
Libtiff Libtiff 3.5.5
8.1
CVSSv3
CVE-2020-14061
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnec...
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Diameter Signaling Router
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
5.3
CVSSv3
CVE-2020-3160
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and...
Cisco Meeting Server
NA
CVE-2007-0856
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterpr...
Trend Micro Trend Micro Antispyware 3.2 Sp1
Trend Micro Damage Cleanup Services 3.2
Trend Micro Trend Micro Antispyware 3.0 Sp2
Trend Micro Tmcomm.sys 1.5.1052
Trend Micro Trend Micro Antirootkit Common Module
Trend Micro Pc-cillin Internet Security 2007
Trend Micro Client-server-messaging Security 3.5
Trend Micro Vsapini.sys 3.320.1003
Trend Micro Trend Micro Antivirus 2007
Trend Micro Trend Micro Antispyware 3.5
7.5
CVSSv3
CVE-2020-13871
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
Sqlite Sqlite 3.32.2
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Network Charging And Control 12.0.2
Oracle Communications Network Charging And Control 6.0.1
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Messaging Server 8.1
Oracle Mysql Workbench
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »