Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
community server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2796
A server-side request forgery (SSRF) exists in the Akana Community Manager Developer Portal in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.
5
CVSSv2
CVE-1999-1245
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote malicious users to obtain sensitive information.
Ucd-snmp Ucd-snmp 3.52
NA
CVE-2023-32608
Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and previous versions versions allows a remote authenticated malicious user to alter an arbitrary file on the server.
Pleasanter Pleasanter
5
CVSSv2
CVE-2019-15726
An issue exists in GitLab Community and Enterprise Edition up to and including 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server.
Gitlab Gitlab
7.5
CVSSv2
CVE-1999-1527
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote malicious users to access the server.
Sun Forte Community 1.0 Beta
Sun Netbeans Developer 3.0 Beta
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
77 Github repositories
6 Articles
10
CVSSv2
CVE-2020-13159
Artica Proxy prior to 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818.
Articatech Artica Proxy
1 Github repository
5.8
CVSSv2
CVE-2018-1153
Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.
Portswigger Burp Suite 1.7.33
Portswigger Burp Suite 1.7.32
7.5
CVSSv2
CVE-2019-12443
An issue exists in GitLab Community and Enterprise Edition 10.2 up to and including 11.11. Multiple features contained Server-Side Request Forgery (SSRF) vulnerabilities caused by an insufficient validation to prevent DNS rebinding attacks.
Gitlab Gitlab
NA
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and previous versions is used, allows remote malicious users to load malicious code on the server once...
Payara Payara Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »