Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-1597
A logged-in user in NetIQ Access Governance Suite 6.0 up to and including 6.4 could escalate privileges to administrator.
Netiq Access Governance Suite 6.0
Netiq Access Governance Suite 6.2
Netiq Access Governance Suite 6.4
Netiq Access Governance Suite 6.3
Netiq Access Governance Suite 6.1
NA
CVE-2011-0322
Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote malicious users to access resources via unknown vectors.
Rsa Access Manager Server 5.5.3
Rsa Access Manager Server 6.1.2
Rsa Access Manager Server 6.1.3
Rsa Access Manager Server 6.0.4
Rsa Access Manager Server 6.1
3.7
CVSSv3
CVE-2016-3045
IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history.
Ibm Security Access Manager For Web 7.0.0
Ibm Security Access Manager For Web 8.0.1.2
Ibm Security Access Manager For Web 8.0.1.1
Ibm Security Access Manager For Web 8.0.1
Ibm Security Access Manager For Web 8.0.0
Ibm Security Access Manager 9.0.1.0
Ibm Security Access Manager 9.0.0
Ibm Security Access Manager For Web 8.0.1.4
Ibm Security Access Manager For Mobile 8.0.1.2
Ibm Security Access Manager For Mobile 8.0.1.3
Ibm Security Access Manager For Mobile 8.0.1.4
Ibm Security Access Manager For Mobile 8.0.0.5
Ibm Security Access Manager For Mobile 8.0.0.0
Ibm Security Access Manager 9.0.0.1
Ibm Security Access Manager For Web 8.0.1.3
Ibm Security Access Manager For Mobile 8.0.1
9.8
CVSSv3
CVE-2021-39070
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service enabled could allow an malicious user to authenticate as any user on the system. IBM X-Force ID: 215353.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access Docker 10.0.0
Ibm Security Verify Access Docker 10.0.1.0
Ibm Security Verify Access Docker 10.0.2.0
9.1
CVSSv3
CVE-2016-3028
IBM Security Access Manager for Web 7.0 before IF2 and 8.0 prior to 8.0.1.4 IF3 and Security Access Manager 9.0 prior to 9.0.1.0 IF5 allow remote authenticated users to execute arbitrary commands by leveraging LMI admin access.
Ibm Security Access Manager For Web 7.0.0
Ibm Security Access Manager For Web 8.0.0
Ibm Security Access Manager For Web 8.0.0.2
Ibm Security Access Manager 9.0.0
Ibm Security Access Manager 9.0.0.1
Ibm Security Access Manager For Web 8.0.1
Ibm Security Access Manager For Web 8.0.1.2
Ibm Security Access Manager For Web 8.0.0.4
Ibm Security Access Manager For Web 8.0.0.5
Ibm Security Access Manager 9.0.1.0
Ibm Security Access Manager For Web 8.0.1.3
Ibm Security Access Manager For Web 8.0.1.4
NA
CVE-2014-3823
The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 prior to 8.0r1, 7.4 prior to 7.4r5, and 7.1 prior to 7.1r18 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
Juniper Junos Pulse Secure Access Service 7.4
Juniper Junos Pulse Secure Access Service 7.1r9
Juniper Junos Pulse Secure Access Service 7.1r8
Juniper Junos Pulse Secure Access Service 7.1r1.1
Juniper Junos Pulse Secure Access Service 7.1r3
Juniper Junos Pulse Secure Access Service 7.1r2
Juniper Junos Pulse Secure Access Service 7.1r15
Juniper Junos Pulse Secure Access Service 7.1r14
Juniper Junos Pulse Secure Access Service 7.1
Juniper Junos Pulse Secure Access Service 7.1r7
Juniper Junos Pulse Secure Access Service 7.1r5
Juniper Junos Pulse Secure Access Service 7.1r12
Juniper Junos Pulse Secure Access Service 7.1r10
Juniper Junos Pulse Secure Access Service 8.0
Juniper Junos Pulse Secure Access Service 7.1r6
Juniper Junos Pulse Secure Access Service 7.1r4
Juniper Junos Pulse Secure Access Service 7.1r13
Juniper Junos Pulse Secure Access Service 7.1r11
5.3
CVSSv3
CVE-2022-27181
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured wit...
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Access Policy Manager 16.1.2
F5 Big-ip Access Policy Manager 16.1.1
F5 Big-ip Access Policy Manager 15.1.5
F5 Big-ip Access Policy Manager 15.1.4
F5 Big-ip Access Policy Manager 15.1.3
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 15.1.1
F5 Big-ip Access Policy Manager 15.1.2
8.1
CVSSv3
CVE-2016-3025
IBM Security Access Manager for Mobile 8.x prior to 8.0.1.4 IF3 and Security Access Manager 9.x prior to 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote malicious users to obtain access via a brute-force approach.
Ibm Security Access Manager For Mobile 8.0.0.0
Ibm Security Access Manager For Mobile 8.0.1.2
Ibm Security Access Manager For Mobile 8.0.1.3
Ibm Security Access Manager For Mobile 8.0.0.3
Ibm Security Access Manager For Mobile 8.0.0.4
Ibm Security Access Manager 9.0.0.1
Ibm Security Access Manager 9.0.1.0
Ibm Security Access Manager For Mobile 8.0.0.5
Ibm Security Access Manager For Mobile 8.0.1
Ibm Security Access Manager For Mobile 8.0.0.1
Ibm Security Access Manager For Mobile 8.0.0.2
Ibm Security Access Manager For Mobile 8.0.1.4
Ibm Security Access Manager 9.0.0
NA
CVE-2014-3824
Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 prior to 8.0r6, 7.4 prior to 7.4r13, and 7.1 prior to 7.1r20 allows remote malicious users to inject arbitrary web script or HTML via unsp...
Juniper Junos Pulse Secure Access Service 7.1r9
Juniper Junos Pulse Secure Access Service 7.1r7
Juniper Junos Pulse Secure Access Service 7.1r2
Juniper Junos Pulse Secure Access Service 7.1r14
Juniper Junos Pulse Secure Access Service 7.1r12
Juniper Junos Pulse Secure Access Service 7.4
Juniper Junos Pulse Secure Access Service 7.1
Juniper Junos Pulse Secure Access Service 7.1r11
Juniper Junos Pulse Secure Access Service 7.1r10
Juniper Junos Pulse Secure Access Service 7.1r1.1
Juniper Junos Pulse Secure Access Service 8.0
Juniper Junos Pulse Secure Access Service 7.1r6
Juniper Junos Pulse Secure Access Service 7.1r5
Juniper Junos Pulse Secure Access Service 7.1r4
Juniper Junos Pulse Secure Access Service 7.1r3
Juniper Junos Pulse Secure Access Service 7.1r1
Juniper Junos Pulse Secure Access Service 7.1r8
Juniper Junos Pulse Secure Access Service 7.1r15
Juniper Junos Pulse Secure Access Service 7.1r13
9.3
CVSSv3
CVE-2018-2739
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...
Oracle Access Manager 10.1.4.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Access Manager 11.1.2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »