Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-6566
The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a SQ...
Sungardas Etrakit3 3.2.1.17
1 EDB exploit
9.8
CVSSv3
CVE-2014-3413
The MySQL server in Juniper Networks Junos Space prior to 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote malicious users to obtain sensitive information and consequently obtain administrative control by leveraging database access.
Juniper Junos Space 13.3
9.8
CVSSv3
CVE-2017-15367
Bacula-web prior to 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an malicious user to access the Bacula database and, depending on configuration, escalate privileges on the server.
Bacula Bacula-web 8.0.0
Bacula Bacula-web
1 EDB exploit
9.8
CVSSv3
CVE-2017-17417
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge met...
Quest Netvault Backup 11.3.0.12
1 EDB exploit
9.8
CVSSv3
CVE-2017-14097
An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an malicious user to decrypt contents of a database with information that could be used to access a vulnerable system.
Trendmicro Smart Protection Server
1 EDB exploit
9.8
CVSSv3
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
9.8
CVSSv3
CVE-2017-15366
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system acc...
Ndocsoftware Ndoc
9.8
CVSSv3
CVE-2017-3222
Hard-coded credentials in AmosConnect 8 allow remote malicious users to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
Inmarsat Amosconnect 8.0
Inmarsat Amosconnect 8.0.1
Inmarsat Amosconnect 8.0.2
Inmarsat Amosconnect 8.2.0
Inmarsat Amosconnect 8.2.1
Inmarsat Amosconnect 8.2.2
Inmarsat Amosconnect 8.3.0
Inmarsat Amosconnect 8.3.1
Inmarsat Amosconnect 8.4.0
Inmarsat Amosconnect 8.4.0.1
9.8
CVSSv3
CVE-2017-3221
Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote malicious users to access user credentials, including user names and passwords.
Inmarsat Amosconnect 8 8.2.1
Inmarsat Amosconnect 8 8.2.2
Inmarsat Amosconnect 8 8.0.2
Inmarsat Amosconnect 8 8.2.0
Inmarsat Amosconnect 8 8.0
Inmarsat Amosconnect 8 8.3.0
Inmarsat Amosconnect 8 8.3.1
Inmarsat Amosconnect 8 8.0.1
Inmarsat Amosconnect 8 8.4.0
Inmarsat Amosconnect 8 8.4.0.1
9.8
CVSSv3
CVE-2017-9228
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an inc...
Oniguruma Project Oniguruma 6.2.0
Php Php
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »