Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anonymous vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-1225
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.
Microsoft 365 Apps -
Microsoft Excel 2010
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office 2016
Microsoft Office 2019
2 Articles
7.5
CVSSv3
CVE-2021-22146
All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could le...
Elastic Elasticsearch 7.13.3
1 Github repository
NA
CVE-2013-4594
The Payment for Webform module 7.x-1.x prior to 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.
Payment For Webform Project Payment For Webform 7.x-1.5
Payment For Webform Project Payment For Webform 7.x-1.2
Payment For Webform Project Payment For Webform 7.x-1.4
Payment For Webform Project Payment For Webform 7.x-1.0
Payment For Webform Project Payment For Webform 7.x-1.1
Payment For Webform Project Payment For Webform 7.x-1.3
NA
CVE-2004-1891
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
Sgi Irix 6.5.20
NA
CVE-2024-0563
Denial of service condition in M-Files Server in versions prior to 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.
6.5
CVSSv3
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Hcltech Sametime 12.0
NA
CVE-1999-1411
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
Debian Debian Linux 2.0
7.5
CVSSv3
CVE-2017-5635
In Apache NiFi prior to 0.7.2 and 1.x prior to 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.
Apache Nifi 0.7.1
Apache Nifi 0.7.0
Apache Nifi 1.1.1
Apache Nifi 1.1.0
4.9
CVSSv3
CVE-2017-1000145
Mahara 1.9 prior to 1.9.7 and 1.10 prior to 1.10.5 and 15.04 prior to 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments.
Mahara Mahara 1.9.0
Mahara Mahara 1.9
Mahara Mahara 1.9.6
Mahara Mahara 1.9.2
Mahara Mahara 1.9.4
Mahara Mahara 1.9.5
Mahara Mahara 1.9.1
Mahara Mahara 1.9.3
Mahara Mahara 1.10.1
Mahara Mahara 1.10.3
Mahara Mahara 1.10
Mahara Mahara 1.10.0
Mahara Mahara 1.10.2
Mahara Mahara 1.10.4
Mahara Mahara 15.04
Mahara Mahara 15.04.0
Mahara Mahara 15.04.1
NA
CVE-2014-2983
Drupal 6.x prior to 6.31 and 7.x prior to 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.
Drupal Drupal
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »