Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge management vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2015-7289
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote malicious users to obtain access via the web management interface, SSH, TELNET,...
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
4.3
CVSSv2
CVE-2015-7290
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote malicious users to inject arbitrary web script or HTML via the pwd parameter.
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
6.8
CVSSv2
CVE-2015-7291
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote malicious users to hijack the authentication of arbitrary users.
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
4.3
CVSSv2
CVE-2009-5149
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote malicious users to obtain access via the web management interface, related to a "password of the day"...
Arris Na Model 862 Gw Mono Firmware Ts0705125d 031115
Arris Na Model 862 Gw Mono Firmware Ts070593c 073013
Arris Na Model 862 Gw Mono Firmware Ts0703135 112211
Arris Na Model 862 Gw Mono Firmware Ts0705125 062314
Arris Na Model 862 Gw Mono Firmware Ts0703128 100611
4.3
CVSSv2
CVE-2020-8340
A cross-site scripting (XSS) vulnerability exists in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review. This vulnerability could allow Ja...
Lenovo Integrated Management Module 2
9.3
CVSSv2
CVE-2020-2018
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit th...
Paloaltonetworks Pan-os
6.5
CVSSv2
CVE-2006-0553
PostgreSQL 8.1.0 up to and including 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678.
Postgresql Postgresql 8.1.0
Postgresql Postgresql 8.1.1
Postgresql Postgresql 8.1.2
4.3
CVSSv2
CVE-2020-8339
A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the use...
Ibm Bladecenter Advanced Management Module Firmware
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
5.8
CVSSv2
CVE-2012-4074
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle malicious users to obtain sensitive information or modify the data stream by leveraging knowledge...
Cisco Unified Computing System -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »