Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
configuration as code vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0073
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
NA
CVE-2002-0072
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote malicious users to cause a denial of service (crash) when t...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
6.7
CVSSv3
CVE-2018-11805
In Apache SpamAssassin prior to 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update chan...
Apache Spamassassin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-2012-2561
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote malicious users to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.
Hp Business Service Management 9.12
7.5
CVSSv3
CVE-2018-0296
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software ...
Cisco Adaptive Security Appliance Software 8.1\\(2.5\\)
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 6.2.3
Cisco Firepower Threat Defense
Cisco Firepower Threat Defense 6.2.3.1
Cisco Firepower Threat Defense 6.2.3-851
Cisco Firepower Threat Defense 6.2.3-85.02
2 EDB exploits
12 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-1459
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-s...
Cisco Rv110w Firmware 1.0.3.55
Cisco Rv130 Firmware 1.0.3.55
Cisco Rv130w Firmware 1.0.3.55
Cisco Rv215w Firmware 1.0.3.55
8.8
CVSSv3
CVE-2022-20824
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent malicious user to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This ...
Cisco Mds 9506 Firmware -
Cisco Mds 9513 Firmware -
Cisco Mds 9706 Firmware -
Cisco Mds 9710 Firmware -
Cisco Mds 9718 Firmware -
Cisco Nexus 1000v Firmware -
Cisco Nexus 3016 Firmware -
Cisco Nexus 3016q Firmware -
Cisco Nexus 3048 Firmware -
Cisco Nexus 3064 Firmware -
Cisco Nexus 3064-32t Firmware -
Cisco Nexus 3064-t Firmware -
Cisco Nexus 3064-x Firmware -
Cisco Nexus 3064t Firmware -
Cisco Nexus 3064x Firmware -
Cisco Nexus 3100 Firmware -
Cisco Nexus 3100-v Firmware -
Cisco Nexus 3100-z Firmware -
Cisco Nexus 3100v Firmware -
Cisco Nexus 31108pc-v Firmware -
Cisco Nexus 31108pv-v Firmware -
Cisco Nexus 31108tc-v Firmware -
9.8
CVSSv3
CVE-2022-45132
In Linaro Automated Validation Architecture (LAVA) prior to 2022.11.1, remote code execution can be achieved through user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can b...
Linaro Lava
7.8
CVSSv3
CVE-2019-12645
A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local malicious user to execute arbitrary code on an affected device The vulnerability is due to improper file level permis...
Cisco Jabber
8.8
CVSSv3
CVE-2017-17867
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed becau...
Intenogroup Iopsys
Intenogroup Iopsys 4.0
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »