Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-20252
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote malicious user to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authent...
Cisco Catalyst Sd-wan Manager 20.9.3.2
Cisco Catalyst Sd-wan Manager 20.11.1.2
9.8
CVSSv3
CVE-2023-3935
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote malicious user to achieve RCE and gain full access of the host system.
Wibu Codemeter Runtime
Trumpf Tubedesign
Trumpf Trutopsweld
Trumpf Trutopsprintmultilaserassistant
Trumpf Trutopsprint
Trumpf Trutops Mark 3d
Trumpf Trutopsfab Storage Smallstore
Trumpf Trutopsfab
Trumpf Trutops Cell Sw48
Trumpf Trutops Cell Classic
Trumpf Trutopsboost
Trumpf Trutops
Trumpf Trumpflicenseexpert
Trumpf Topscalculation
Trumpf Teczonebend
Trumpf Tops Unfold 05.03.00.00
Trumpf Programmingtube
Trumpf Oseon
Phoenixcontact Module Type Package Designer 1.2.0
Phoenixcontact Module Type Package Designer
Phoenixcontact Activation Wizard
Phoenixcontact Plcnext Engineer
9.8
CVSSv3
CVE-2023-35082
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
Ivanti Endpoint Manager Mobile
1 Article
9.8
CVSSv3
CVE-2023-40256
A vulnerability exists in Veritas NetBackup Snapshot Manager prior to 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this i...
Veritas Netbackup Snapshot Manager 9.1
Veritas Netbackup Snapshot Manager 9.1.0.1
Veritas Netbackup Snapshot Manager 10.0
Veritas Netbackup Snapshot Manager 10.0.0.1
Veritas Netbackup Snapshot Manager 10.1
Veritas Netbackup Snapshot Manager 10.1.1
Veritas Netbackup Snapshot Manager 10.2
Veritas Netbackup Snapshot Manager 9.0
Veritas Netbackup Snapshot Manager
9.8
CVSSv3
CVE-2023-35078
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
Ivanti Endpoint Manager Mobile
9 Github repositories
4 Articles
9.8
CVSSv3
CVE-2023-2068
The File Manager Advanced Shortcode WordPress plugin up to and including 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst cas...
Advancedfilemanager File Manager Advanced Shortcode
9.8
CVSSv3
CVE-2023-29475
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 prior to 10 R1.34.4 allows an unauthenticated malicious user to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543.
Atos Unify Openscape 4000 Manager 10
Atos Unify Openscape 4000 10
9.8
CVSSv3
CVE-2023-29473
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 prior to 10 R1.34.4 allows an unauthenticated malicious user to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.
Atos Unify Openscape 4000 Manager 10
Atos Unify Openscape 4000 10
9.8
CVSSv3
CVE-2023-29474
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 prior to 10 R1.34.4 allows an unauthenticated malicious user to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.
Atos Unify Openscape 4000 Manager 10
Atos Unify Openscape 4000 10
9.8
CVSSv3
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsib...
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Ad360
Zohocorp Manageengine Ad360 4.3
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adselfservice Plus 6.2
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Analytics Plus 5.1
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Key Manager Plus
Zohocorp Manageengine Key Manager Plus 6.4
Zohocorp Manageengine Pam360 5.7
Zohocorp Manageengine Pam360
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
2 Metasploit modules
6 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »