Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-1243
A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to allow connections despite the management plane protection that is c...
Cisco Ios Xr
Cisco Ios Xr 7.0.11
Cisco Ios Xr 6.7.1
Cisco Ios Xr 7.2.0
Cisco Ios Xr 7.1.0
8.8
CVSSv3
CVE-2023-36824
Redis is an in-memory database that persists on disk. In Redit 7.0 before 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code executio...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.1
CVSSv3
CVE-2018-0250
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent malicious user to bypass a configured FlexConnect access control list (...
Cisco Aironet Access Point Software 8.4\\(100.0\\)
Cisco Aironet Access Point Software 8.7\\(1.3\\)
Cisco Aironet Access Point Software 8.2\\(160.0\\)
NA
CVE-2007-0454
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 up to and including 3.0.23d allows context-dependent malicious users to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL...
Samba Samba 3.0.14
Samba Samba 3.0.14a
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.9
Samba Samba 3.0.20
Samba Samba 3.0.20a
Samba Samba 3.0.23d
Samba Samba 3.0.6
Samba Samba 3.0.10
Samba Samba 3.0.11
Samba Samba 3.0.20b
Samba Samba 3.0.21
Samba Samba 3.0.7
Samba Samba 3.0.8
Debian Debian Linux 3.0
Debian Debian Linux 3.1
Mandrakesoft Mandrake Linux 2006
NA
CVE-2008-4578
The ACL plugin in Dovecot prior to 1.1.4 allows malicious users to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc22
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 0.99.13
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc5
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.1.1
Dovecot Dovecot 1.0.12
Dovecot Dovecot 1.1
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.rc23
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.beta1
NA
CVE-2020-28418
A weak ACL may potentially allow an unauthorized person to load arbitrary code.
9.8
CVSSv3
CVE-2019-12164
ubuntu-server.js in Status React Native Desktop before v0.57.8_mobile_ui allows Remote Code Execution.
Status React Native Desktop
5.3
CVSSv3
CVE-2020-3364
A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to reach the configured IP addresses on the standby route processor management Gigabit...
Cisco Ios Xr 6.7.1
Cisco Ios Xr 7.0.2
Cisco Ios Xr 7.0.11
Cisco Ios Xr 7.0.12
Cisco Ios Xr 7.1.1
Cisco Ios Xr 7.1.15
NA
CVE-2004-0189
The "%xx" URL decoding function in Squid 2.5STABLE4 and previous versions allows remote malicious users to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against th...
Squid Squid 2.4 Stable7
Squid Squid 2.5 Stable3
Squid Squid 2.0 Patch2
Squid Squid 2.1 Patch2
Squid Squid 2.3 Stable5
Squid Squid 2.4
Squid Squid 2.5 Stable4
1 EDB exploit
8.8
CVSSv3
CVE-2019-1003001
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and previous versions in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/R...
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »