Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
base vulnerabilities and exploits
(subscribe to this query)
695
VMScore
CVE-2022-21251
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Instance Main). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle In...
Oracle Installed Base
409
VMScore
CVE-2018-12539
In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by...
Eclipse Openj9 0.8
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
505
VMScore
CVE-2007-3556
Liesbeth base CMS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an include file containing account credentials via a direct request for config.inc.
Doubleflex Liesbeth Base Cms
1 EDB exploit
570
VMScore
CVE-2021-3652
A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an malicious user to successfully authenticate as a use...
Port389 389-ds-base
605
VMScore
CVE-2020-8473
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and previous versions) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities co...
Abb 800xa Base System
409
VMScore
CVE-2020-8474
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated malicious user to cause system functions to stop or malfunction.
Abb 800xa Base System
409
VMScore
CVE-2020-8487
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Abb 800xa Base System
385
VMScore
CVE-2021-31589
A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.
Beyondtrust Appliance Base Software
5 Github repositories
NA
CVE-2023-2600
The Custom Base Terms WordPress plugin prior to 1.0.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in mult...
Artprojectgroup Custom Base Terms
NA
CVE-2023-25141
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a...
Apache Sling Jcr Base
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »