Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco cx cloud agent vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-20043
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local malicious user to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit co...
Cisco Cx Cloud Agent
Cisco Cx Cloud Agent 2.2
7.3
CVSSv3
CVE-2023-20044
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local malicious user to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the ...
Cisco Cx Cloud Agent
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Oracle Communications Cloud Native Core Automated Test Suite 22.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Console 22.1.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
128 Github repositories
7 Articles
NA
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
4 Github repositories
7.8
CVSSv3
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo
Sudo Project Sudo 1.9.5
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp Cloud Backup -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Netapp Ontap Select Deploy Administration Utility -
Netapp Ontap Tools 9
89 Github repositories
1 Article
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j
Apache Log4j 2.0
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Captial
Siemens Captial 2019.1
Siemens Comos
Siemens Desigo Cc Advanced Reports 4.0
Siemens Desigo Cc Advanced Reports 4.1
Siemens Desigo Cc Advanced Reports 4.2
Siemens Desigo Cc Advanced Reports 5.0
Siemens Desigo Cc Advanced Reports 5.1
Siemens Desigo Cc Info Center 5.0
2 Metasploit modules
787 Github repositories
29 Articles
NA
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Email Security
Sonicwall Network Security Manager
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
49 Github repositories
5 Articles
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
1 Article
NA
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2d
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local
IMAP
CVE-2024-8504
CVE-2024-42327
CVE-2024-11904
CVE-2024-47107
CVE-2024-53143
XML injection
CVE-2024-54750
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »