Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0825
Ipswitch Imail 6.0 allows remote malicious users to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
Ipswitch Imail 6.00
9.8
CVSSv3
CVE-2019-18464
In Progress MOVEit Transfer 10.2 prior to 10.2.6 (2018.3), 11.0 prior to 11.0.4 (2019.0.4), and 11.1 prior to 11.1.3 (2019.1.3), multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated malicious user to gain unauthorized access t...
Ipswitch Moveit Transfer
NA
CVE-2001-0039
IPSwitch IMail 6.0.5 allows remote malicious users to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes.
Ipswitch Imail 6.0.5
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
7.5
CVSSv3
CVE-2005-2160
IMail stores usernames and passwords in cleartext in a cookie, which allows remote malicious users to obtain sensitive information.
Ipswitch Imail 2006
9.8
CVSSv3
CVE-2017-12638
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote malicious users to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.
Ipswitch Imail Server
9.8
CVSSv3
CVE-2017-12639
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote malicious users to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
Ipswitch Imail Server
4.3
CVSSv3
CVE-2015-7677
The MOVEitISAPI service in Ipswitch MOVEit DMZ prior to 8.2 provides different error messages depending on whether a FileID exists, which allows remote authenticated users to enumerate FileIDs via the X-siLock-FileID parameter in a download action to MOVEitISAPI/MOVEitISAPI.dll.
Ipswitch Moveit Dmz
6.1
CVSSv3
CVE-2015-7679
Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the query string to mobile/.
Ipswitch Moveit Mobile
9.4
CVSSv3
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 prior to 10.2.4, 2019 prior to 11.0.2, and 2019.1 prior to 11.1.1 allows an unauthenticated malicious user to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Ser...
Ipswitch Moveit Transfer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »