Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fernando catoira vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-16148
The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor prior to 5.3.1 and 5.4.x prior to 5.4.2 is vulnerable to Cross-Site Scripting.
Opsview Opsview
NA
CVE-2018-144173
SoftNAS Cloud versions prior to 4.0.3 suffers from an OS command injection vulnerability.
NA
CVE-2018-161453
Opsview Monitor versions 5.2, 5.3, and 5.4 suffer from cross site scripting and multiple remote command execution vulnerabilities.
7.2
CVSSv3
CVE-2018-16146
The web management console of Opsview Monitor 5.4.x prior to 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary c...
Opsview Opsview
6.1
CVSSv3
CVE-2018-16147
The data parameter of the /settings/api/router endpoint in Opsview Monitor prior to 5.3.1 and 5.4.x prior to 5.4.2 is vulnerable to Cross-Site Scripting.
Opsview Opsview
9.8
CVSSv3
CVE-2018-16144
The test connection functionality in the NetAudit section of Opsview Monitor prior to 5.3.1 and 5.4.x prior to 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.
Opsview Opsview
8.1
CVSSv3
CVE-2018-16145
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor prior to 5.3.1 and 5.4.x prior to 5.4.2 invokes a file that can be edited by the nagios user, and would allow malicious users to elevate their privileges to root after a system restart, henc...
Opsview Opsview
9.8
CVSSv3
CVE-2018-14417
A command injection vulnerability was found in the web administration console in SoftNAS Cloud prior to 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated malicious user to execute...
Softnas Cloud
1 EDB exploit
7.2
CVSSv3
CVE-2020-12713
An issue exists in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 up to and including 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 up to and including 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate th...
Ciphermail Webmail Messenger
Ciphermail Gateway
5.9
CVSSv3
CVE-2020-12714
An issue exists in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 up to and including 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 up to and including 3.1.1-0. A Diffie-Hellman parameter o...
Ciphermail Webmail Messenger
Ciphermail Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »