Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
protection center vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-34697
A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorr...
Cisco Ios Xe
614
VMScore
CVE-2020-3396
A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical malicious user to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protectio...
Cisco Ios Xe 16.12.1
1000
VMScore
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
446
VMScore
CVE-2002-20001
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs ver...
Balasys Dheater -
Siemens Scalance W1750d Firmware
Suse Linux Enterprise Server 15
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
F5 Big-iq Centralized Management 7.1.0
F5 Traffix Signaling Delivery Controller 5.2.0
F5 Traffix Signaling Delivery Controller 5.1.0
F5 Big-iq Centralized Management
F5 Big-ip Service Proxy 1.6.0
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
3 Github repositories
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
455
VMScore
CVE-2021-22884
Node.js prior to 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over networ...
Nodejs Node.js
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp E-series Performance Analyzer -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Nosql Database
Oracle Mysql Cluster
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools
Siemens Sinec Infrastructure Network Services
312
VMScore
CVE-2020-11110
Grafana up to and including 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an malicious user to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
Grafana Grafana
Netapp E-series Performance Analyzer -
454
VMScore
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced N...
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Retail Store Inventory Management 14.1
Oracle Ilearning 6.2
Oracle Hospitality Suite8 8.10.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Flexcube Investor Servicing 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Hospitality Reporting And Analytics 9.1.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Predictive Application Server 15.0.3
445
VMScore
CVE-2019-12696
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote malicious user to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details sect...
Cisco Firepower 6.2.3.1
Cisco Firepower 6.3.0
Cisco Firepower 6.2.3.7
Cisco Firepower 6.4.0
445
VMScore
CVE-2019-12697
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote malicious user to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details sect...
Cisco Firepower 6.2.3.1
Cisco Firepower 6.2.3.7
Cisco Firepower 6.3.0
Cisco Firepower 6.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »