Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
information paradox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6015
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CV...
Oracle Outside In Technology 8.5.1
Oracle Outside In Technology 8.5.0
Oracle Outside In Technology 8.5.2
NA
CVE-2013-0418
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent malicious users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE:...
Microsoft Exchange Server 2010
Microsoft Exchange Server 2007
Oracle Fusion Middleware 8.4
Oracle Fusion Middleware 8.3.7.0
NA
CVE-2015-6014
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CV...
Oracle Outside In Technology 8.5.0
Oracle Outside In Technology 8.5.2
Oracle Outside In Technology 8.5.1
NA
CVE-2015-6013
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6014, CV...
Oracle Outside In Technology 8.5.0
Oracle Outside In Technology 8.5.2
Oracle Outside In Technology 8.5.1
9.8
CVSSv3
CVE-2017-17759
Conarc iChannel allows remote malicious users to obtain sensitive information, modify the configuration, or cause a denial of service (by deleting the configuration) via a wc.dll?wwMaint~EditConfig request (which reaches an older version of a West Wind Web Connection HTTP service...
Conarc Ichannel -
1 EDB exploit
9.8
CVSSv3
CVE-2017-17739
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an malicious user to read or write to files.
Brightsign 4k242 Firmware
1 EDB exploit
NA
CVE-2014-9113
CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and previous versions uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktopService, (3) PFXSYNPFTService, and (4) P2EWinService service files in P...
Cchgroup Prosystem Fx Engagement
1 EDB exploit
6.1
CVSSv3
CVE-2017-17737
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
Brightsign 4k242 Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2017-17738
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
Brightsign 4k242 Firmware
1 EDB exploit
NA
CVE-2014-9141
The installer in Thomson Reuters Fixed Assets CS 13.1.4 and previous versions uses weak permissions for connectbgdl.exe, which allows local users to execute arbitrary code by modifying this program.
Thomsonreuters Fixed Assets Cs
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started