Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
accounts vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1092
Cisco VPN 3000 Concentrator 3.6(Rel) and previous versions, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
Cisco Vpn 3000 Concentrator Series Software
9.8
CVSSv3
CVE-2020-13858
An issue exists on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations.
Mofinetwork Mofi4500-4gxelte Firmware 3.6.1-std
Mofinetwork Mofi4500-4gxelte Firmware 4.0.8-std
4.9
CVSSv3
CVE-2022-23232
StorageGRID (formerly StorageGRID Webscale) versions before 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtain...
Netapp Storagegrid
NA
CVE-2012-4771
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/manage/, or (3) admin/manage/blocks/edit/; or (4) group parameter to admin/...
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
1 EDB exploit
NA
CVE-2012-3720
Mobile Accounts in Apple Mac OS X prior to 10.7.5 and 10.8.x prior to 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote malicious users to determine passwords via unspecified access to a mobile account.
Apple Mac Os X 10.6.7
Apple Mac Os X 10.6.0
Apple Mac Os X 10.5.3
Apple Mac Os X 10.6.6
Apple Mac Os X 10.4.3
Apple Mac Os X 10.0.0
Apple Mac Os X 10.4.2
Apple Mac Os X 10.6.8
Apple Mac Os X 10.2.3
Apple Mac Os X 10.2.4
Apple Mac Os X 10.7.1
Apple Mac Os X 10.2.5
Apple Mac Os X 10.3.4
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3.6
Apple Mac Os X 10.3.7
Apple Mac Os X 10.6.3
Apple Mac Os X 10.2
Apple Mac Os X 10.1.5
Apple Mac Os X 10.5.8
Apple Mac Os X 10.8.1
Apple Mac Os X 10.6.4
NA
CVE-2008-5400
Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum prior to 1.2.1 GA allow remote malicious users to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly rel...
Mvnforum Mvnforum 1.0.2.
Mvnforum Mvnforum 1.0.0 Beta3
Mvnforum Mvnforum 1.0.0 Rc3 01
Mvnforum Mvnforum 1.0 Ga
Mvnforum Mvnforum 1.0.0
Mvnforum Mvnforum 1.0.0 Beta2
Mvnforum Mvnforum 1.0.0 Rc1
Mvnforum Mvnforum 1.1
Mvnforum Mvnforum
Mvnforum Mvnforum 1.0.0 Rc4 04
Mvnforum Mvnforum 1.0.0 Rc4
Mvnforum Mvnforum 1.0.0 Beta1
Mvnforum Mvnforum 1.0 Rc4
Mvnforum Mvnforum 1.0.0 Rc2
8.8
CVSSv3
CVE-2018-7206
An issue exists in Project Jupyter JupyterHub OAuthenticator 0.6.x prior to 0.6.2 and 0.7.x prior to 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members not in the whitelisted groups to creat...
Jupyter Oauthenticator 0.6.0
Jupyter Oauthenticator 0.6.1
Jupyter Oauthenticator 0.7.0
Jupyter Oauthenticator 0.7.1
Jupyter Oauthenticator 0.7.2
9.8
CVSSv3
CVE-2019-20467
An issue exists on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be us...
Sannce Smart Hd Wifi Security Camera Ean 2 950004 595317 Firmware -
NA
CVE-2012-6632
Multiple cross-site scripting (XSS) vulnerabilities in Vessio NetBill 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) full name or (2) file title to accounts/admin/index.php or (3) comment parameter in the support page to accounts/index2.php.
Vessio Netbill 1.2
7.5
CVSSv3
CVE-2022-46405
Mastodon up to and including 4.0.2 allows malicious users to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled re...
Joinmastodon Mastodon
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »