Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-8546
A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.
Microsoft Office 2019
Microsoft Skype For Business Basic 2016
Microsoft Lync Basic 2013
Microsoft Lync 2013
Microsoft Office 365 Proplus -
Microsoft Skype For Business 2016
7.5
CVSSv3
CVE-2018-20679
An issue exists in BusyBox prior to 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in...
Busybox Busybox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
6.1
CVSSv3
CVE-2019-17092
An XSS vulnerability in project list in OpenProject prior to 9.0.4 and 10.x prior to 10.0.2 allows remote malicious users to inject arbitrary web script or HTML via the sortBy parameter because error messages are mishandled.
Openproject Openproject
5.9
CVSSv3
CVE-2019-11841
A message-forgery issue exists in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash"...
Golang Crypto 2019-03-25
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-19228
Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allow malicious users to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
6.5
CVSSv3
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices prior to 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal.
Fronius Datamanager Box 2.0 Firmware
Fronius Eco 25.0-3-s Firmware
Fronius Eco 27.0-3-s Firmware
Fronius Galvo 1.5-1 Firmware
Fronius Galvo 1.5-1 208-240 Firmware
Fronius Galvo 2.0-1 Firmware
Fronius Galvo 2.0-1 208-240 Firmware
Fronius Galvo 2.5-1 Firmware
Fronius Galvo 2.5-1 208-240 Firmware
Fronius Galvo 3.0-1 Firmware
Fronius Galvo 3.1-1 Firmware
Fronius Galvo 3.1-1 208-240 Firmware
Fronius Primo 10.0-1 208-240 Firmware
Fronius Primo 11.4-1 208-240 Firmware
Fronius Primo 12.5-1 208-240 Firmware
Fronius Primo 15.0-1 208-240 Firmware
Fronius Primo 3.0-1 Firmware
Fronius Primo 3.5-1 Firmware
Fronius Primo 3.6-1 Firmware
Fronius Primo 3.8-1 208-240 Firmware
Fronius Primo 4.0-1 Firmware
Fronius Primo 4.6-1 Firmware
4.8
CVSSv3
CVE-2021-21029
Magento versions 2.4.1 (and previous versions), 2.4.0-p1 (and previous versions) and 2.3.6 (and previous versions) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution i...
Magento Magento
Magento Magento 2.3.6
Magento Magento 2.4.0
Magento Magento 2.4.1
6.1
CVSSv3
CVE-2022-29034
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow malicious users to perform reflected cross...
Siemens Sinema Remote Connect Server
NA
CVE-2014-5217
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x prior to 4.1 allows remote malicious users to hijack the authentication of administrators for requests that change the administrative passw...
Microfocus Access Manager 4.0.1
Microfocus Access Manager 4.0
NA
CVE-2013-1617
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »