Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
se vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-4846
SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote malicious users to execute arbitrary SQL commands via the id parameter in a rubrik go action.
Webace Webace-linkscript 1.3
1 EDB exploit
1000
VMScore
CVE-2004-0343
Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 up to and including 1.5.5b allow remote malicious users to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.
Yabb Yabb 1.5.5
Yabb Yabb 1.5.5b
Yabb Yabb 1.5.4
1 EDB exploit
645
VMScore
CVE-2004-0344
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 up to and including 1.5.5b allows remote malicious users to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
Yabb Yabb 1.5.5
Yabb Yabb 1.5.5b
1 EDB exploit
NA
CVE-2023-31274
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial de...
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
NA
CVE-2023-34348
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.
Aveva Pi Server 2018
Aveva Pi Server 2023
Aveva Pi Server
435
VMScore
CVE-2004-1827
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote malicious users to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Yabb Yabb 1 Gold - Sp 1.3
Simple Machines Simple Machines Smf 1.0 B
Yabb Yabb 1.5.1
1 EDB exploit
935
VMScore
CVE-2009-1672
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote malicious users to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote malicious users to la...
Sun Jre 6
1 EDB exploit
935
VMScore
CVE-2009-1671
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote malicious users to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalP...
Sun Jre 6
1 EDB exploit
445
VMScore
CVE-2014-2143
The IKE implementation in Cisco IOS 15.4(1)T and previous versions and IOS XE allows remote malicious users to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.
Cisco Ios 15.3(2)s
Cisco Ios 15.1
Cisco Ios 15.4
Cisco Ios 15.3s
Cisco Ios 15.0
Cisco Ios 15.3
Cisco Ios
Cisco Ios 15.3(3)m
Cisco Ios 15.3(3)m2
Cisco Ios 15.0(1)se
Cisco Ios Xe -
Cisco Ios 15.3(3)m1
Cisco Ios 15.3(3)s
Cisco Ios 15.2
445
VMScore
CVE-2021-21349
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to request data from internal resources that are not publicly available only by manipulating the processed inpu...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »