Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0229
The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd prior to 1.4 allows remote malicious users to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.
Miniupnp Project Miniupnpd
Miniupnp Project Miniupnpd 1.2
Miniupnp Project Miniupnpd 1.1
Miniupnp Project Miniupnpd 1.0
2 EDB exploits
1 Github repository
7.5
CVSSv3
CVE-2019-12480
BACnet Protocol Stack up to and including 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a malformed DCC in AtomicWriteFile, AtomicReadFile and DeviceCommunicationControl services. An unauthenticated remote attacker could cause a denial o...
Bacnet Protocol Stack Project Bacnet Protocol Stack
1 EDB exploit
3 Github repositories
6.1
CVSSv3
CVE-2023-0846
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meri...
Opennms Horizon
Opennms Meridian
9.8
CVSSv3
CVE-2021-22986
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3 amd BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-iq Centralized Management
F5 Ssl Orchestrator
1 Metasploit module
23 Github repositories
2 Articles
7.7
CVSSv3
CVE-2020-16096
In Gallagher Command Centre versions 8.10 before 8.10.1134(MR4), 8.00 before 8.00.1161(MR5), 7.90 before 7.90.991(MR5), 7.80 before 7.80.960(MR2), 7.70 and previous versions, any operator account has access to all data that would be replicated if the system were to be (or is) att...
Gallagher Command Centre
Gallagher Command Centre 7.80.960
Gallagher Command Centre 7.90.991
Gallagher Command Centre 8.00.1161
Gallagher Command Centre 8.10.1134
8.8
CVSSv3
CVE-2021-42760
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.1 and below allows malicious user to disclose sensitive information from DB tables via crafted requests.
Fortinet Fortiwlm
5.4
CVSSv3
CVE-2023-26061
An issue exists in Nokia NetAct prior to 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exp...
Nokia Netact
5.9
CVSSv3
CVE-2023-28320
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()`...
Haxx Curl
Apple Macos
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
1 Github repository
8.6
CVSSv3
CVE-2019-13465
An issue exists in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) up to and including 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. W...
Ros Ros-comm
7.7
CVSSv3
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
F5 Nginx
Openresty Openresty
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Oracle Communications Operations Monitor 3.4
Oracle Enterprise Session Border Controller 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.4
Oracle Enterprise Session Border Controller 9.0
Oracle Communications Session Border Controller 9.0
Oracle Enterprise Communications Broker 3.3.0
Oracle Enterprise Telephony Fraud Monitor 4.2
Oracle Enterprise Telephony Fraud Monitor 4.3
Oracle Enterprise Telephony Fraud Monitor 4.4
Oracle Enterprise Telephony Fraud Monitor 3.4
Oracle Communications Operations Monitor 4.4
Oracle Communications Fraud Monitor
Oracle Communications Control Plane Monitor 4.2
Oracle Communications Control Plane Monitor 4.3
Oracle Communications Control Plane Monitor 4.4
27 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »