Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control system vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Cisco Secure Access Control System -
561
VMScore
CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
Cisco Secure Access Control System -
552
VMScore
CVE-2020-14372
A flaw was found in grub2 in versions before 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Lin...
Gnu Grub2
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Server Eus 8.1
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
540
VMScore
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
536
VMScore
CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote malicious users to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connection...
Oracle Solaris 11
Oracle Solaris 10
Openpgp Openpgp 2.6.2
Mcafee Network Data Loss Prevention 9.2.1
Mcafee Network Data Loss Prevention 9.2.0
Mcafee Network Data Loss Prevention
Mcafee Network Data Loss Prevention 9.2.2
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
Netbsd Netbsd 2.0
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Xinuos Openserver 5.0.6
Xinuos Openserver 5.0.7
Juniper Junos
Xinuos Unixware 7.1.1
Xinuos Unixware 7.1.3
7 EDB exploits
2 Github repositories
534
VMScore
CVE-2007-1526
Sun Java System Web Server 6.1 prior to 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for t...
Sun Java System Web Server 6.1
534
VMScore
CVE-2006-6573
Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 up to and including 4.2.2 allows remote authenticated users to "gain access to data" and obtain sen...
Citrix Access Gateway 4.2
Citrix Access Gateway 4.5
Citrix Access Gateway 4.2.1
Citrix Access Gateway 4.2.2
516
VMScore
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
516
VMScore
CVE-2017-3840
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. More Information: CSCvc04849. Known Affected Releases: 5.8(2....
Cisco Secure Access Control System 5.8\\(2.5\\)
516
VMScore
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »