Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflection vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-9495
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary f...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Radius Server 3.0
Synology Router Manager
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
383
VMScore
CVE-2018-7049
An issue exists in Wowza Streaming Engine prior to 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request.
Wowza Streaming Engine
383
VMScore
CVE-2016-5765
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated malicious users to read arbitrary files via a specially crafted URL...
Microfocus Host Access Management And Security Server 12.3
Microfocus Reflection Zfe 2.0.0.52
Microfocus Host Access Management And Security Server 12.2
Microfocus Reflection For The Web 12.3
Microfocus Reflection For The Web 12.1
Microfocus Reflection For The Web 12.2
Microfocus Reflection Zfe 1.4.0.14
Microfocus Reflection Zfe 2.0.1.18
Microfocus Reflection Security Gateway 12.1
383
VMScore
CVE-2010-4146
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and previous versions), 2008 R1, and 9.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Attachmate Reflection For The Web
Attachmate Reflection For The Web 9.0
Attachmate Reflection For The Web 2008
Attachmate Reflection For The Web 9.01
Attachmate Reflection For The Web 9.5
Attachmate Reflection For The Web 8.0
356
VMScore
CVE-2006-0616
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and previous versions allows remote malicious users to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."
Sun Jdk
Sun Jre
356
VMScore
CVE-2006-0615
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and previous versions, SDK and JRE 1.4.x up to and including 1.4.2_09 allow remote malicious users to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs...
Sun Jdk 1.5.0
Sun Jre 1.4.2 7
Sun Jre 1.4.2 4
Sun Jre 1.4.2 2
Sun Jre 1.5.0
Sun Jre 1.4.2 1
Sun Jre 1.4.2 8
Sun Jre 1.4.2 9
Sun Jre 1.4.2 3
Sun Jre 1.4.2 5
Sun Jre 1.4.2 6
Sun Jre 1.4.2
Sun Sdk 1.4.2
Sun Sdk 1.4.2 6
Sun Sdk 1.4.2 2
Sun Sdk 1.4.2 5
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 4
Sun Sdk 1.4.2 7
Sun Sdk 1.4.2 8
Sun Sdk 1.4.2 9
Sun Sdk 1.4.2 3
356
VMScore
CVE-2006-0617
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and previous versions allow remote malicious users to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues...
Sun Jdk
Sun Jre
187
VMScore
CVE-2014-9496
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows malicious users to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
Libsndfile Project Libsndfile
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Oracle Solaris 11.2
187
VMScore
CVE-2004-2331
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
Macromedia Coldfusion 6.1
NA
CVE-2024-29183
OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an malicious user to execute arbitrary javascript ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »