Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote console vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2021-1566
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to intercept traffic between an affected...
Cisco Email Security Appliance -
Cisco Asyncos
Cisco Web Security Appliance -
NA
CVE-2012-5622
Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in OpenShift 0.0.5 allows remote malicious users to hijack the authentication of arbitrary users via unspecified vectors.
Redhat Openshift 0.0.5
6.1
CVSSv3
CVE-2012-6494
Rapid7 Nexpose prior to 5.5.4 contains a session hijacking vulnerability which allows remote malicious users to capture a user's session and gain unauthorized access.
Rapid7 Nexpose
NA
CVE-2014-7883
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote malicious users to obtain sensitive information by reading the headers of a response.
Hp Universal Configuration Management Database 10.11
Hp Universal Configuration Management Database 10.01
Hp Universal Configuration Management Database 9.05
1 EDB exploit
8.8
CVSSv3
CVE-2022-24407
In Cyrus SASL 2.1.17 up to and including 2.1.27 prior to 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
Cyrusimap Cyrus-sasl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.2.0
NA
CVE-2010-3581
Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors.
Oracle Fusion Middleware 11.1.1.1.0
Oracle Fusion Middleware 11.1.1.2.0
1 EDB exploit
NA
CVE-2006-3643
Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 SP4 permits access to local "HTML-embedded resource files" in the Microsoft Management Console (MMC) library, which allows remote authenticated users to execute arbitrary ...
Microsoft Ie 6
Microsoft Internet Explorer 5.01
NA
CVE-2012-1575
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5238 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) widgets or (2) pages.
Trevor Mckay Cumin
NA
CVE-2007-2048
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and previous versions allows remote malicious users to read arbitrary system files via a .. (dot dot) in the resource parameter.
Webmethods Glue 4.0
Webmethods Glue 5.0
Webmethods Glue 6.5.1
1 EDB exploit
6.5
CVSSv3
CVE-2016-6435
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
Cisco Firepower Management Center 6.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »