Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22052
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multip...
Oracle Database Server
NA
CVE-2022-4023
The 3DPrint WordPress plugin prior to 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an malicious user to craft a malicious request that will create an archive of any files or directories on the target...
3dprint Project 3dprint
NA
CVE-2023-29454
Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the p...
Zabbix Frontend
NA
CVE-2023-20210
A vulnerability in Cisco BroadWorks could allow an authenticated, local malicious user to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability...
Cisco Broadworks Application Delivery Platform Firmware 23.0
Cisco Broadworks Application Delivery Platform Firmware 24.0
Cisco Broadworks Application Delivery Platform Firmware 25.0
Cisco Broadworks Application Server Firmware 23.0
Cisco Broadworks Application Server Firmware 24.0
Cisco Broadworks Application Server Firmware 25.0
Cisco Broadworks Database Server Firmware 23.0
Cisco Broadworks Database Server Firmware 24.0
Cisco Broadworks Database Server Firmware 25.0
Cisco Broadworks Database Troubleshooting Server Firmware 23.0
Cisco Broadworks Database Troubleshooting Server Firmware 24.0
Cisco Broadworks Database Troubleshooting Server Firmware 25.0
Cisco Broadworks Execution Server Firmware 23.0
Cisco Broadworks Execution Server Firmware 24.0
Cisco Broadworks Execution Server Firmware 25.0
Cisco Broadworks Media Server Firmware 23.0
Cisco Broadworks Media Server Firmware 24.0
Cisco Broadworks Media Server Firmware 25.0
Cisco Broadworks Messaging Server Firmware 23.0
Cisco Broadworks Messaging Server Firmware 24.0
Cisco Broadworks Messaging Server Firmware 25.0
Cisco Broadworks Network Database Server Firmware 23.0
NA
CVE-2023-36812
OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been pat...
Opentsdb Opentsdb
1 Metasploit module
1 Github repository
NA
CVE-2023-30258
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote malicious users to run arbitrary commands via unauthenticated HTTP request.
Magnussolution Magnusbilling
2 Github repositories
NA
CVE-2023-2828
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the con...
Isc Bind
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Active Iq Unified Manager -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
NA
CVE-2023-2400
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and previous versions allows an administrator to view users vaults of deleted users via database access.
Devolutions Devolutions Server
NA
CVE-2023-25910
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use em...
Siemens Simatic Pcs 7
Siemens Simatic S7-pm
Siemens Simatic Step 7
NA
CVE-2023-2454
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »