Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

access risk management suite vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv2

CVE-2013-2747

The password reset feature in Courion Access Risk Management Suite Version 8 Update 9 allows remote authenticated users to bypass intended Internet Explorer usage restrictions and execute arbitrary commands by using keyboard shortcuts to navigate the file system and open a comman...
Courion Access Risk Management Suite 8.0
6.1
CVSSv3

CVE-2019-11358

jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery JqueryDebian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Drupal DrupalBackdropcms BackdropFedoraproject Fedora 28Fedoraproject Fedora 29Fedoraproject Fedora 30Opensuse Backports Sle 15.0Opensuse Leap 15.1Netapp Oncommand System Manager
6.1
CVSSv3

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and prior to 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuer...
Jquery JqueryDrupal DrupalDebian Debian Linux 9.0Fedoraproject Fedora 31Fedoraproject Fedora 32Fedoraproject Fedora 33Oracle Agile Product Lifecycle Management For Process 6.2.0.0Oracle Application Testing Suite 13.3.0.1Oracle Banking Digital Experience 18.1Oracle Banking Digital Experience 18.2Oracle Banking Digital Experience 18.3Oracle Banking Digital Experience 19.1
10
CVSSv2

CVE-2008-0960

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...
Juniper Session And Resource Control 1.0Juniper Session And Resource Control 2.0Juniper Src Pe 1.0Juniper Src Pe 2.0
5
CVSSv2

CVE-2015-0291

The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
7
CVSSv3

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x up to and including 4.x prior to 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka ...
Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 16.10Linux Linux KernelRedhat Enterprise Linux 5Redhat Enterprise Linux 6.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux Aus 6.2Redhat Enterprise Linux Aus 6.4Redhat Enterprise Linux Aus 6.5Redhat Enterprise Linux Eus 6.6
10
CVSSv3

CVE-2021-44228

Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Software Foundation Apache Log4j2Siemens 6bk1602-0aa12-0tp0 FirmwareSiemens 6bk1602-0aa22-0tp0 FirmwareSiemens 6bk1602-0aa32-0tp0 FirmwareSiemens 6bk1602-0aa42-0tp0 FirmwareSiemens 6bk1602-0aa52-0tp0 FirmwareApache Log4jApache Log4j 2.0Siemens Sppa-t3000 Ses3000 FirmwareSiemens CapitalSiemens Capital 2019.1Siemens Comos
4.3
CVSSv2

CVE-2015-1788

The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0j
6.1
CVSSv3

CVE-2024-6484

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inad...
Bootstrap CarouselBootstrap BootstrapGetbootstrap Bootstrap
7.8
CVSSv3

CVE-2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle ...
* PolkitPolkit Project PolkitRedhat Enterprise Linux Server Update Services For Sap Solutions 7.6Redhat Enterprise Linux Server Update Services For Sap Solutions 7.7Redhat Enterprise Linux 8.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Power Big Endian 7.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-3248thanhtungtntremote code executioncodepen embed blockCVE-2025-6354chris coyierCVE-2025-50025nitin yawalkarcode executionCVE-2025-50038CVE-2023-0386cross-site scriptingCVE-2025-6351
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook