Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-8022
A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.
Apache Traffic Server
4.3
CVSSv2
CVE-2018-8023
Apache Mesos can be configured to require authentication to call the Executor HTTP API using JSON Web Token (JWT). In Apache Mesos versions pre-1.4.2, 1.5.0, 1.5.1, 1.6.0 the comparison of the generated HMAC value against the provided signature in the JWT implementation used is v...
Apache Mesos 1.5.0
Apache Mesos 1.5.1
Apache Mesos 1.6.0
Apache Mesos
4.9
CVSSv2
CVE-2018-8024
In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute...
Apache Spark
Apache Spark 2.3.0
Mozilla Firefox -
6.8
CVSSv2
CVE-2018-8025
CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. There is a race-condition which could lead to authenticated sessions being incorrectly applied to users, e.g. one authenticated user would be conside...
Apache Hbase 0.92.0
Apache Hbase
2.1
CVSSv2
CVE-2018-8026
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in thes...
Apache Solr
Netapp Snapcenter -
Netapp Storage Automation Store -
6.5
CVSSv2
CVE-2019-20659
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 prior to 1.0.4.84, R6700 prior to 1.0.2.8, R6700v3 prior to 1.0.4.84, R6900 prior to 1.0.2.8, and R7900 prior to 1.0.3.10.
Netgear R6400 Firmware
Netgear R6700 Firmware
Netgear R6900 Firmware
Netgear R7900 Firmware
3.5
CVSSv2
CVE-2019-20664
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 prior to 2.3.5.26, RBS20 prior to 2.3.5.26, RBK20 prior to 2.3.5.26, RBR40 prior to 2.3.5.30, RBS40 prior to 2.3.5.30, RBK40 prior to 2.3.5.30, RBR50 prior to 2.3.5.30, RBS50 prior to 2.3.5.30, and RBK50 prior...
Netgear Rbr20 Firmware
Netgear Rbs20 Firmware
Netgear Rbk20 Firmware
Netgear Rbr40 Firmware
Netgear Rbs40 Firmware
Netgear Rbk40 Firmware
Netgear Rbr50 Firmware
Netgear Rbs50 Firmware
Netgear Rbk50 Firmware
5.8
CVSSv2
CVE-2019-20684
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6200 prior to 1.1.00.32, D7000 prior to 1.0.1.68, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior ...
Netgear D3600 Firmware
Netgear D6000 Firmware
Netgear D6200 Firmware
Netgear D7000 Firmware
Netgear Jr6150 Firmware
Netgear Pr2000 Firmware
Netgear R6020 Firmware
Netgear R6050 Firmware
Netgear R6080 Firmware
Netgear R6120 Firmware
Netgear R6220 Firmware
Netgear R6260 Firmware
Netgear R6700 Firmware
Netgear R6800 Firmware
Netgear R6900 Firmware
Netgear Wnr2020 Firmware
Netgear Xr500 Firmware
5.2
CVSSv2
CVE-2019-20688
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, EX2700 prior to 1.0.1.48, EX6100v2 prior to 1.0.1.76, EX6150v2 prior to 1.0.1.76, EX6200v2 prior to 1.0.1.72...
Netgear D3600 Firmware
Netgear D6000 Firmware
Netgear D6100 Firmware
Netgear Ex2700 Firmware
Netgear Ex6100 Firmware
Netgear Ex6150 Firmware
Netgear Ex6200 Firmware
Netgear Ex6400 Firmware
Netgear Ex7300 Firmware
Netgear Ex8000 Firmware
Netgear R7800 Firmware
Netgear R8900 Firmware
Netgear R9000 Firmware
Netgear Wn2000rpt Firmware
Netgear Wn3000rp Firmware
Netgear Wn3100rp Firmware
Netgear Wndr3700 Firmware
Netgear Wndr4300 Firmware
Netgear Wndr4500 Firmware
Netgear Wnr2000 Firmware
Netgear Xr500 Firmware
9
CVSSv2
CVE-2018-8029
In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.
Apache Hadoop 3.0.0
Apache Hadoop 2.9.0
Apache Hadoop
Apache Hadoop 2.9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »