Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web console vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-14007
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
5
CVSSv2
CVE-2014-2976
Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 18081.
Sixnet Sixview Manager 2.4.1
1 EDB exploit
4
CVSSv2
CVE-2019-10716
An Information Disclosure issue in Verodin Director 3.5.3.1 and previous versions reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.
Verodin Director
5.1
CVSSv2
CVE-2018-2825
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf...
Oracle Jdk 10
Oracle Jre 10
Canonical Ubuntu Linux 18.04
Netapp E-series Santricity Os Controller
Netapp Cloud Backup -
Netapp Santricity Cloud Connector -
Netapp Oncommand Unified Manager
Netapp Snapmanager -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Oncommand Unified Manager 7.3
Netapp Virtual Storage Console
Netapp E-series Santricity Management -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Web Services -
Netapp Storage Replication Adapter
Netapp Vasa Provider
1 Article
5.1
CVSSv2
CVE-2018-2826
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successf...
Oracle Jdk 10
Oracle Jre 10
Canonical Ubuntu Linux 18.04
Netapp E-series Santricity Os Controller
Netapp Cloud Backup -
Netapp Santricity Cloud Connector -
Netapp Oncommand Unified Manager
Netapp Snapmanager -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Oncommand Unified Manager 7.3
Netapp Virtual Storage Console
Netapp E-series Santricity Management -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Web Services -
Netapp Storage Replication Adapter
Netapp Vasa Provider
1 Article
6.8
CVSSv2
CVE-2019-0542
A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js.
Xtermjs Xterm.js
Redhat Openshift Container Platform
4.3
CVSSv2
CVE-2011-4575
Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 allows remote malicious users to inject arbitrary web script...
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
7.8
CVSSv2
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
7.5
CVSSv2
CVE-2018-17431
Web Console in Comodo UTM Firewall prior to 2.7.0 allows remote malicious users to execute arbitrary code without authentication via a crafted URL.
Comodo Unified Threat Management Firewall
1 Github repository
9
CVSSv2
CVE-2020-14005
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote malicious users to execute arbitrary code via a defined event.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »